I am using STS authentication, and given given configuration in web.config
I can not make my action (Sign In) perform as it should.
to illustrate follows code:
[AllowAnonymous]
public class SegurancaController : SecurityController
{
public ActionResult Index()
{
....
}
[ValidateInput(false)]
[HttpPost]
[ActionName("Index")]
public ActionResult IndexPost()
{
....
}
}
SecurityController:
[AllowAnonymous]
public ActionResult SignIn(string issuer)
{
var wSFederationAuthenticationModule = FederatedAuthentication.WSFederationAuthenticationModule;
string str = null;
if (!base.User.Identity.IsAuthenticated)
{
str =
new SignInRequestMessage(new Uri(string.IsNullOrEmpty(issuer) ? wSFederationAuthenticationModule.Issuer : issuer),
wSFederationAuthenticationModule.Realm, wSFederationAuthenticationModule.Reply).WriteQueryString();
}
return new RedirectResult(str ?? wSFederationAuthenticationModule.Reply);
}
And Web.config
<authentication mode="Forms">
<forms loginUrl="~/Seguranca" name=".ASPXFORMSAUTH" timeout="2880" defaultUrl="~/home" />
</authentication>
<authorization>
<deny users="?" />
</authorization>
NOTE: If the <authorization><deny users="?" /></authorization>
tags are commented out I can run the URL normally ... but I lose the check if the user is logged in.