locked
Custom authentication failing in Azure RRS feed

  • Question

  • User-2097295820 posted

    I used a Custom principal to do authentication in my web app. My applicaiton has different kinds of administrator with different levels of priviledges and functionality.

    To have a full control of the administrative modules I decided to make use of Customprincipal.

    It works very well on local host.

    The problem I am facing is after a login. during an application flow it like cookies get lost. This happens during payment integration.

    After I make a post to the payment gateway. The payment gateway is suppose to return it response to a special URL on my application.

    This URL is an Actionmethod that accepts a post request.

    At this point Cookies get lost. I try to collect email and ID of the user who makes payment. But I discover that cookies are completely lost.

    Could it be that the payment gateway is completely ignorant of the login authentication cookie or what. I need some expert advise cause I am confused here.

    Wednesday, May 4, 2016 4:18 PM

All replies

  • User1166036563 posted

    Hi,

    Not enough information to know what happen on your app, you need try to investigate a little more. 

    See https://azure.microsoft.com/en-us/blog/disabling-arrs-instance-affinity-in-windows-azure-web-sites/

    Thursday, May 5, 2016 2:06 PM
  • User-646145796 posted

    Hi,

    Based on my understanding, when you deploy your application to Azure, your application does not work well. As you said, you find cookies lost. How do you cache your login information? If use Cache in Azure, please consider Redis cache, refer to https://azure.microsoft.com/en-us/services/cache/ for more information about Redis cache.

    Regards

    Monday, May 9, 2016 3:27 AM
  • User-2097295820 posted

    I did not use a cache. I use a Formauthentication cookie for my CustomPrincipal Object.

        protected void Application_PostAuthenticateRequest(Object sender, EventArgs e)
            {
                HttpCookie cookie = Request.Cookies[FormsAuthentication.FormsCookieName];
    
                if (cookie != null)
                {
                    FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(cookie.Value);
                    JavaScriptSerializer serializer = new JavaScriptSerializer();
    
    
    ........
    }

    That is extracted from my Global.asax, Well from my own resolution of the problem.  The process I am using when you login into my application, The authentication cookie is been sent with every request.  So from my debugging, I discovered that when I send to the payment Gateway. the payment gateway returns to my responseurl on my web app after processing the payment request. At this point authentication cookie is lost. Since the payment Gateway is a 3rd party software. Which is totally ignorant of my login authentication. So would the redis cache give me a persistent login session if a 3rd party app is return to my web site. If redis would solve this. I am total new to it. Can I get links to downloadable demos that would help on how to use redis for cache login system.

    Monday, May 9, 2016 11:48 AM