I have a weird issue which occurs on my asp.net MVC app with Owin Oauth authentication/authorization, while it's load balanced. This application acts an Oauth endpoint , our client applications connects using Dotnetopenauth. A single server deployment have no issues at all. I tried few fixes available on internet - Kentor cookie saver, systemwebcookiemanager, session start event etc. But nothing helped. My application is using HTTPS every time , we are using Citrix netscaler for load balancing , SsL offloading. Please help.
Asked
Active
Viewed 348 times
1 Answers
0
Ask the Netscaler admin to
1: Change LB persistance to something else than cookie based persistence (some auth services do not like to have cookies injected)
If the above does not help ask Netscaler admin to
2: Try to disable integrated cache feature and see if the problem goes away. The reason for this suggestion is due to a bug where a MAY_CACHE rule caches content with session cookies. your session cookie values will change pre <-> post login and you will end up with a redirect loop. (Server says user not authenticated, auth server says user is already authenticated)
If option 2 solves your problem i can dig up the details of the bug and how to avoid the bug while still keeping integrated cache feature on.
KaiT
- 156
- 2