Owin Oauth occasional too many redirects only on load balanced environment

392 views Asked by At

I have a weird issue which occurs on my asp.net MVC app with Owin Oauth authentication/authorization, while it's load balanced. This application acts an Oauth endpoint , our client applications connects using Dotnetopenauth. A single server deployment have no issues at all. I tried few fixes available on internet - Kentor cookie saver, systemwebcookiemanager, session start event etc. But nothing helped. My application is using HTTPS every time , we are using Citrix netscaler for load balancing , SsL offloading. Please help.

1

There are 1 answers

0
KaiT On

Ask the Netscaler admin to

1: Change LB persistance to something else than cookie based persistence (some auth services do not like to have cookies injected)

If the above does not help ask Netscaler admin to

2: Try to disable integrated cache feature and see if the problem goes away. The reason for this suggestion is due to a bug where a MAY_CACHE rule caches content with session cookies. your session cookie values will change pre <-> post login and you will end up with a redirect loop. (Server says user not authenticated, auth server says user is already authenticated)

If option 2 solves your problem i can dig up the details of the bug and how to avoid the bug while still keeping integrated cache feature on.