As you can see in my previous post, I am currently working on securing an ASP.NET MVC Web Application based on OWIN. Because of that is this post some sort of continuation of my previous one.
But now we had a Problem of securing our Single Page Application that is actually a static content in our ASP.NET MVC Web Application. For that I injected this simple Code Snippet that will be called upon every Request:
app.Use((context, cont) =>
if ((context.Authentication.User != null) &&
(context.Authentication.User.Identity != null) &&
It simply checks if the user is authenticated, and if not, it Challenges our OWIN Authentication Provider to authenticate the user (in our case ADFS). Now we don't even have to use our [Authorize] Tags because all Request will need to be authenticated, what can make some problems in certain cases if you have some Web API Methods that needs to be publicly exposed.
Oct 10 2016, 12:38 PM