locked
User Identity Name returns Null - MVC 5 RRS feed

  • Question

  • User1051638994 posted

    Hello,

    I use CAS SSO for external login to my MVC 5 website. I can login only one time then when I logoff and try to login  again the User.Identity,Name returns null.

    In my account controller I have:

    [HttpPost]
            [AllowAnonymous]
            [ValidateAntiForgeryToken]
            public ActionResult ExternalLogin(string provider, string returnUrl)
            {
                // Request a redirect to the external login provider
                return new ChallengeResult(provider, Url.Action("ExternalLoginCallback", "Account", new { ReturnUrl = returnUrl, IsPersistent = false }));
    
            }
    
    
    [AllowAnonymous]
            public ActionResult ExternalLoginCallback(string returnUrl)
            {
                
                string name = User.Identity.Name;
    
                var clerkname= from e in db.clerks.ToArray()
                                where e.ClerkUserName == name
                                select e.ClerkName;
    
    
                HttpContext.Session["ClerkName"] = clerkname.FirstOrDefault();
    
                if (HttpContext.Session["ClerkName"] != null)
                {
    
    
                    return View("Admin");
                }
    
                else
    
                {
                    
                    return Content("<script language='javascript' type='text/javascript'>alert('You are not Authorized');window.location = 'https://nnn.xxx.gr/logout';</script>");
    
                }
    }

    in my LogOff action

     public ActionResult LogOff()
            {
                AuthenticationManager.SignOut();
    
                Session.Abandon();
    
                string[] myCookies = Request.Cookies.AllKeys;
                foreach (string cookie in myCookies)
                {
                    Response.Cookies[cookie].Expires = DateTime.Now.AddDays(-1);
                }
    
                return new RedirectResult("https://nnn.xxx.gr/logout");
            }

    The second time I try to login it goes to "You are not Authorized". Any idea why is this happened?

    thank you

    Thursday, March 4, 2021 6:47 AM

All replies

  • User475983607 posted

    I recommend CAS SSO support.  The code shown does not make sense for an SSO login.  For example, the ExternalLoginCallBack() assumes the user is already logged in to your application and the action is set to anonymous.   How can the action be anonymous and authenticated at the same time?

    Thursday, March 4, 2021 12:05 PM