Use OWIN Ws-Federation package to authenticate against ADFS 3.0

Question

I have an MVC intranet site that needs to use AD accounts for authentication.

I setup ADFS 3.0 (Win Server 2012 R2) and followed this to setup the ADFS Relying Party Tr

Answer 1

Actually, you are just missing this line that is usually before the UseCookieAuthentication method call.

app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

in your case it would be

app.UseExternalSignInCookie(WsFederationAuthenticationDefaults.AuthenticationType);

This is what actually gets executed when you call UseExternalSignInCookie(...), externalAuthenticationType is what you pass in as the string parameter.

app.SetDefaultSignInAsAuthenticationType(externalAuthenticationType);
CookieAuthenticationOptions options = new CookieAuthenticationOptions();
options.AuthenticationType = externalAuthenticationType;
options.AuthenticationMode = AuthenticationMode.Passive;
options.CookieName = ".AspNet." + externalAuthenticationType;
options.ExpireTimeSpan = TimeSpan.FromMinutes(5.0);
app.UseCookieAuthentication(options);

So, if all you are setting is the AuthenticationType, you can safely just call UseExternalSignInCookie as it does it for you.