Hi everybody,
We are developing an .net core Azure Web App and for authentication we use cookie authentication and open id connect authentication.
When going to the start page of our application everything work's as it's supposed to. But leaving page inactive for around 10 minutes and then clicking on any of the links in the page we get following exception:
XMLHttpRequest cannot load https://login.microsoftonline.com/f505412d-3150-4f15-a704-b6ce122de04d/oaut…mdOd12SMYufhag1Ysv-9E2WHXJHApMyfCDDaVtKQ4pcaiB7PyUpieC2a51_AvlB4f5KL7oN21C. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:54538' is therefore not allowed access.
But when refreshing everything work's as it's supposed again. Has anyone seen this problem and found a solution for it?
Our Startup-file contains following code in method Configure:
app.UseSession();
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AutomaticAuthenticate = true,
AutomaticChallenge = true,
LoginPath = new PathString("/Authentication/Login")
});
app.UseOpenIdConnectAuthentication(new OpenIdConnectOptions
{
ClientId = Configuration["Authentication:AzureAd:ClientId"],
Authority = Configuration["Authentication:AzureAd:AADInstance"] + Configuration["Authentication:AzureAd:TenantId"],
PostLogoutRedirectUri = Configuration["Authentication:AzureAd:PostLogoutRedirectUri"]
});
And in method ConfigureServices:
services.AddDistributedMemoryCache();
services.AddSession(options =>
{
options.CookieName = "cBook.Session";
options.IdleTimeout = TimeSpan.FromHours(1);
});
services.AddMvc(options =>
{
options.Filters.Add(new ExceptionFilter());
options.Filters.Add(new ActiveDirectoryAuthorizationFilter());
options.Filters.Add(new AuthorizeFilter(
new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build()
));
});
services.AddAuthentication(sharedOptions => sharedOptions.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme);
services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();
services.AddSingleton(_ => Configuration);
I would appreciate all help I can get.
Thanks,
jan.
We are developing an .net core Azure Web App and for authentication we use cookie authentication and open id connect authentication.
When going to the start page of our application everything work's as it's supposed to. But leaving page inactive for around 10 minutes and then clicking on any of the links in the page we get following exception:
XMLHttpRequest cannot load https://login.microsoftonline.com/f505412d-3150-4f15-a704-b6ce122de04d/oaut…mdOd12SMYufhag1Ysv-9E2WHXJHApMyfCDDaVtKQ4pcaiB7PyUpieC2a51_AvlB4f5KL7oN21C. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:54538' is therefore not allowed access.
But when refreshing everything work's as it's supposed again. Has anyone seen this problem and found a solution for it?
Our Startup-file contains following code in method Configure:
app.UseSession();
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AutomaticAuthenticate = true,
AutomaticChallenge = true,
LoginPath = new PathString("/Authentication/Login")
});
app.UseOpenIdConnectAuthentication(new OpenIdConnectOptions
{
ClientId = Configuration["Authentication:AzureAd:ClientId"],
Authority = Configuration["Authentication:AzureAd:AADInstance"] + Configuration["Authentication:AzureAd:TenantId"],
PostLogoutRedirectUri = Configuration["Authentication:AzureAd:PostLogoutRedirectUri"]
});
And in method ConfigureServices:
services.AddDistributedMemoryCache();
services.AddSession(options =>
{
options.CookieName = "cBook.Session";
options.IdleTimeout = TimeSpan.FromHours(1);
});
services.AddMvc(options =>
{
options.Filters.Add(new ExceptionFilter());
options.Filters.Add(new ActiveDirectoryAuthorizationFilter());
options.Filters.Add(new AuthorizeFilter(
new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build()
));
});
services.AddAuthentication(sharedOptions => sharedOptions.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme);
services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();
services.AddSingleton(_ => Configuration);
I would appreciate all help I can get.
Thanks,
jan.