ServiceStack Authentication [Authenticate] Attribute Fails to Process the ss-id and ss-pid -


i created testservice calls authenticateservice , authenticates user. before calling testservice cleared of cookies make sure once response ss-id , ss-pid cookies, get.

apphost configuration: (ss v4.0.8.0)

//plugins plugins.add(new razorformat()); plugins.add(new sessionfeature()); plugins.add(new authfeature(() => new customusersession(),             new iauthprovider[] { new customcredentialsauthprovider() }));  container.register<icacheclient>(new memorycacheclient()); 

my customcredentialsauthprovider:

public class customcredentialsauthprovider : credentialsauthprovider {     public override bool tryauthenticate(iservicebase authservice, string username, string password)     {         // custom auth logic         // return true if credentials valid, otherwise false         // bool isvalid = membership.validateuser(username, password);         return true;     }      public override void onauthenticated(iservicebase authservice, iauthsession session, iauthtokens tokens, dictionary<string, string> authinfo)     {         base.onauthenticated(authservice, session, tokens, authinfo);          var loginmanager = authservice.tryresolve<loginmanager>();         var logininfo = loginmanager.getlogininfo(session.userauthname);          authservice.savesession(logininfo.customusersession, sessionexpiry);     } } 

my testservice:

public class testservice : service {            public object any(test request)     {         var response = new testresponse();          var authservice = base.resolveservice<authenticateservice>();                     var authresponse = authservice.authenticate(new authenticate         {             username = "user",             password = "password",             rememberme = false         });                     base.request.responsecontenttype = mimetypes.html;  //temporary workaround, not needed in v4.0.9+          return response;     } } 

so, recap. hit testservice, authenticate user, return response , make sure response contains ss-id , ss-pid cookies. try hit service has [authenticate] attribute. breakpoint in service never hits , response in browser.

handler request not found:

request.httpmethod: request.pathinfo: /login request.querystring: servicestack.namevaluecollectionwrapper
request.rawurl:/login?redirect=http%3a%2f%2flocalhost%3a50063%2fbop%2fbasic-info-2

i have tried applying [authenticate] attribute on service method , on whole service, same result. have tested can service methods if [authenticate] attribute commented out, works, not service config issue or route issue.

i created 2 service methods /basic-info-1 , /basic-info-2. /basic-info-2 has [authenticate] attribute , basic-info-1 not. after authenticating, able basic-info-1 without issues , have confirmed can session information saved in onauthenticated() method. /basic-info-2 handler error.

i not sure happens in [authenticate] attribute looks of handler error, authentication fails , ss tries redirect me /login not exist in project hence handler error. wonder why authenticate attribute not recognizing ss-id , ss-pid cookies?

diagnosis:

you should check session being returned in unauthenticated method (/basic-info-1), after have authenticated using /test. if session working correctly should see userauthid, userauthname , id correctly set on session. doesn't appear these correctly set , [authenticate] attribute therefore doesn't see valid session.

likely problem:

the problem in onauthenticated method, loginmanager not correctly returning these values when save session.

from code:

var loginmanager = authservice.tryresolve<loginmanager>(); var logininfo = loginmanager.getlogininfo(session.userauthname);   authservice.savesession(logininfo.customusersession, sessionexpiry); 
  • logininfo.customusersession.userauthid null
  • logininfo.customusersession.userauthname null
  • logininfo.customusersession.id null

solution:

correctly set attributes before calling savesession.


Comments

Popular posts from this blog

php - regexp cyrillic filename not matches -

c# - OpenXML hanging while writing elements -

sql - Select Query has unexpected multiple records (MS Access) -