question

Andrus-0543 avatar image
0 Votes"
Andrus-0543 asked ZhiLv-MSFT commented

How to set authentication cookie path

In ASP.NET 6 MVC Multi-tenant application tenants have different path base like /tenant1 and /tenant2.
Middlevare sets HttpContext PathBase from request url.
SignInAsync method always sets authentication cookie path to root, /

Trying to set authentication cookie path from PathBase using

 Path = Request.PathBase.HasValue ? Request.PathBase.Value : "/"

in code below throws compile error since AuthenticationProperties does not have Path property.

How to set Cookie Path property so that different users can authenticated in different path bases ?

 public class AccountController : Controller {
  public async Task<IActionResult> LogOn(string user, string password )  {

   // password verificaton removed 

   var claims = new List<Claim>  {
         new Claim(ClaimTypes.Name, user )
         };
   var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
        
   var authProperties = new AuthenticationProperties {
     IsPersistent = true,
     AllowRefresh = true,
 // TODO: This throws compile error since Path property does not exist
    Path = Request.PathBase.HasValue ? Request.PathBase.Value : "/"
    
   };
        
 await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimsIdentity), authProperties);
    }
 }
dotnet-aspnet-core-generaldotnet-aspnet-core-mvcdotnet-aspnet-core-auth
· 3
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi @Andrus-0543,

I found this same thread, whether the problem has been solved?

161800-image.png

Best regards,
Dillion


0 Votes 0 ·
image.png (54.1 KiB)

Is there simpler solution which does not require writing custom cookie manager ?

0 Votes 0 ·

Hi @Andrus-0543,

You can refer to the following article to create a cookie authentication handler to handle the multi-tenant authentication.

Configuring authentication in multi-tenant ASP.NET Core 5 app.

Best regards,
Dillion

0 Votes 0 ·

0 Answers