AI OnAI Off

Generic Owin vs AD Owin Authentication Settings

swc
swc
Vote:
 

We're setting up authentication against an AD instance, largely following the instructions here:

http://world.episerver.com/documentation/developer-guides/CMS/security/integrate-azure-ad-using-openid-connect/

This makes use of OWIN to manage the login process.  I notice in the generic OWIN guide here, however, that some things are different:

http://world.episerver.com/documentation/developer-guides/CMS/security/owin-authentication/

Specifically, as part of start up in the latter, there are a number of OWIN config settings that are called:

    // Configure the db context, user manager and signin manager to use a single instance per request
    app.CreatePerOwinContext(ApplicationDbContext.Create);
    app.CreatePerOwinContext(ApplicationUserManager.Create);
    app.CreatePerOwinContext(ApplicationSignInManager.Create);

I don't see these calls in the AD example.  Are they not required for some reason, or were they simply left out of the AD example by mistake?  Should I add these to my Startup class if using AD OpenId authentication or not?

Thanks!

#175809
Mar 02, 2017 16:02
Vote:
 

Those are not in play when using Federated Security with OpenID Connect so you shouldn't have any ApplicationDbContext references in your code.

#176776
Mar 27, 2017 10:01
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.