locked
Using the WebAuthenticationBroker in SSO mode

    Question

  • I'm developing a Windows Store app in javascript that is trying to authenticate with a custom SSO service.  The login/authentication process drops a session cookie that is used on subsequent requests to this service.

    I'm trying to use the WebAuthenticationBroker in "SSO mode" using this method:

    WebAuthenticationBroker.authenticateAsync(WebAuthenticationOptions.none, startURI)

    The docs seem to indicate that any cookies dropped while in the context of the WebAuthenticationBroker will be shared with the 'app context' if SSO mode is used.    Using proxy tools, I can see the set-cookie header on the HTTP response within the WAB context after the user logs in, but after the WebAuthenticationBroker closes (by detecting the redirect of 'ms-app://...'),  subsequent http requests within the app context (using XHR) are missing the SSO cookie.

    1) Am I trying to use the WebAuthenticationBroker in the correct fashion?

    2) If so, is there any way to diagnose what is going wrong? (ie. any way to view the current cookies used by the app?)

    Friday, March 6, 2015 8:16 PM

All replies

  • Use WebAuthenticationBroker class to connect custom SSO service, you need to check your service to support OAuth, such as Facebook, Flickr, Google and Twitter. A code sample shows you how. https://code.msdn.microsoft.com/windowsapps/Web-Authentication-d0485122.

    Monday, March 9, 2015 5:46 AM
  • I've looked at those samples, but they don't demonstrate cookie persistence.

    Tuesday, March 10, 2015 10:19 PM
  • Hi Chiefloaf,

    SSO provide a special purpose SSO app container, to use this container, your app can call the overload of the AuthenticateAsync method that does not take a callback URI. According to your code snippet, I am afraid you are using the incorrect way of SSO. You can see it in detail from this reference. https://msdn.microsoft.com/en-us/library/windows/apps/xaml/hh750287.aspx. Try to understand the web authentication broker workflow using SSO, see how Web authentication broker single sign-on works section in the above link.

    Regards,


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Wednesday, March 11, 2015 8:04 AM
    Moderator
  • Herro wong, thanks for your response.   

    The article states:

    "To use this (SSO app) container, your app can call the overload of the AuthenticateAsync method that does not take a callback URI."

    As noted above, I am using this method as described;

    WebAuthenticationBroker.authenticateAsync(WebAuthenticationOptions.none, startURI)

    Specifically, I am not providing a callback URI, only relying on the application specific callback (ms-app://...) to close the broker.  Is there something specific I am not doing to enable SSO mode?  


    • Edited by chiefloaf Wednesday, March 11, 2015 4:21 PM
    Wednesday, March 11, 2015 4:21 PM
  • Hi Chiefloaf,

    I am not sure if you are using those API correctly, you can check with this official MSDN sample. https://code.msdn.microsoft.com/windowsapps/Web-Authentication-d0485122.

    If you cannot make it work, try make a mini repro project about the problem in detail on your OneDrive and then share a link here.

    Regards,


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Wednesday, March 18, 2015 8:01 AM
    Moderator
  • Hi Herro,

    Nithak has already shared the sample link up above.  As stated in my reply, the sample does not demonstrate cookie sharing.


    Friday, March 20, 2015 5:04 PM