I am trying to port a MVC5 web application to Linux MonoDevelop.
The site is using FormsAuthenication, so on Login action I cal SetAuthCookie() and on my controllers the AuthorizeAttribute to ensure that only logged in users access the functionality.
This all works well while on Windows!
After porting to Mono and debugging with MonoDevelop, I see it is not working. Actually, after successful login, the user is redirected to Login page again.
I tried removing the [Authorize] attribute from HomeController, just to check what is happening and I realized that - when in HomeController action- the User.Identity.IsAuthenticated returns false. I suppose that is why I get the redirection to Login.
But why could it be that User.Identity.IsAuthenticated returns false?
I checked that the SetAuthCookie() on windows creates a .ASPXAUTH cookie in the http Context. On Linux it creates a .MONOAUTH cookie in the http Context. I tried configuring the cookie name in web.config by:
<authentication mode="Forms">
<forms loginUrl="~/Account/Login" name=".ASPXAUTH" />
</authentication>
But this didn't work...
UPDATE I realized that, on mono, the SetAuthCookie() runs succesfuly BUT the cookie is not there (by using Firefox cookie management). Yet, on debug, the Response.Cookies Collection incorporates the .ASPXAUTH cookie. It seems like it is unable to be generated on the client.
Check if anywhere in your code the FormsAuthentication.SignOut() is called.
I had a similar issue in mono and it was due to a difference in the cookie lifecycle, which caused an unwanted call to FormsAuthentication.SignOut() and destroyed the .ASPXAUTH cookie before it was actually created.