• State Not Answered
  • Replies 3 replies
  • Subscribers 16 subscribers
  • Views 561 views
  • Users 0 members are here
Options
Related

Changes to OWIN Middleware on version 12.1.x`

Luke R Davidson

I am working on a minor upgrade from 12.0.4 to 12.1.x and after upgrading, our OWIN startup classes are not writing the secure auth cookies like they did in 12.0.4

Wondering if anything changed around this between these two versions that could affect my Startup.cs class from writing the auth cookie.  If I revert back to 12.0.4 it all works fine.

  • 0

    Not sure what you are actually referring to, community does not use OWIN libraries, and if it was not a specific community API, there is not really a guarantee of upgrade safety.  IN terms of auth, not sure which secure cookies you are referring to.  If a site is running SSL, community should be marking cookies secure already.  In terms of authentication cookies, that and SSO were completely overhauled in 12.1 and the application is no longer forms auth based, it is also internally managed.

  • 0 in reply to Patrick M.

    We had a custom AAD Dual auth implementation that used an OWIN startup class.  After moving to 12.1, the cookies it was writing stopped working.

    I'm wondering if the out of the box OpenId provider could work.

  • 0 in reply to Luke R Davidson

    OpenID works with Okta or Azure AD, other services are may work but not verified/tested.   In terms of SSO, there is extensibility using IAuthenticationPlugin(v3), this and the previous versions were the only supported way to achieve SSO.

    You will not get Dual Auth using OpenID.   It might be possible in the new framework to achieve dual SSO, but you would have to write an IAuthenticationPlugin implementation and have something that tells the login process not to redirect.

About
Privacy Policy
Terms of use
Copyright 2024 Verint, Inc.
Powered by Verint Community