2

Currently, and this works, I am doing the following to setup cookie authentication in an ASP MVC Core 2 app using Identity:

services.ConfigureApplicationCookie(options =>
{
    options.ExpireTimeSpan = TimeSpan.FromDays(1);
    options.SlidingExpiration = true;
    options.LoginPath = "/Account/LogIn";
    options.LogoutPath = "/Account/LogOff";
    options.Cookie.Name = "MyCookieName";
    options.AccessDeniedPath = "/Account/AccessDenied";
});

I want to add JWT to this app and according to the documentation here, I do that by using something like this (based on the same configuration as above):

services.AddAuthentication()
.AddCookie(options =>
{
    options.ExpireTimeSpan = TimeSpan.FromDays(1);
    options.SlidingExpiration = true;
    options.LoginPath = "/Account/LogIn";
    options.LogoutPath = "/Account/LogOff";
    options.Cookie.Name = "MyCookieName";
    options.AccessDeniedPath = "/Account/AccessDenied";
})
.AddJwtBearer(options =>
{ // options });

When I do this (even if I leave off the AddJwtBearer chain) the cookie is no longer given the name I specify. The login process still works and I get a cookie but it is named the default Asp cookie name.

I assume that these two methods of setting the options are the same and the ConfigureApplicationCookie is just a shortcut method to the same thing.

Am I missing something?

Thanks, Brian

Improve this question
4
  • You need to provide the authentication scheme name on your AddAuthentication(). Try AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)? Commented Dec 20, 2017 at 20:52
  • Thanks David. I did that and I get the same result, the cookie is named '.AspNetCore.Identity.Application' rather than 'MyCookieName'. Commented Dec 20, 2017 at 21:37
  • hmm weird, coz I had to specify the authentication scheme. If I leave it blank there, I got "No authenticationScheme was specified, and there was no DefaultChallengeScheme found" error. From the cookie name you got '.AspNetCore.Identity.Application', are you using Identity Server 4? Commented Dec 20, 2017 at 21:49
  • I am using the regular asp core identity, not identity server. Commented Dec 20, 2017 at 22:54

1 Answer 1

Reset to default
2

Try the following:

services.AddAuthentication()
        .AddJwtBearer(options =>
        {
            // Jwt options.
        });

services.ConfigureApplicationCookie(options =>
{
    // Cookie settings
});
Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

This compiles and I get the correct cookie name. I have not fully tested whether I can connect using a token but I'll assume for now that I will be able to. The docs made me think both auth methods needed to be chained after the AddAuthentication() call. I'll report back after I get it all working in case anyone else comes across this.
@Brian: Did you make any progress on this?
Yes, I have this working. It is setup the way the accepted answer is. One other thing I had to do was to add the [Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)] attribute to the api controllers to force it to use the correct auth scheme.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.