When session variables are used in asp.net, okta authentication fails

kiran · January 26, 2021, 7:47pm

Hi,
I am using Okta with asp.net web application. My application is using the default or built in authentication as well as okta. If I just use Okta login, it works good. However there is one weird issue, with the regular login (non okta), once user is authenticated, the application is using few session variables to store user specific information. Once session variables are used, Okta login fails, means when Okta user is doing login, in asp.net C# code HttpContext.User.Identity.IsAuthenticated always returns false

If I stop using session variables, it starts working !! This is really crazy. I have spent too much time on this

Can anyone help, Is it not possible to use session variables in asp.net while Okta + default authentication is used ?

Please help.

Thanks
Kiran

Fuzzard · January 27, 2021, 2:52pm

hi Kiran, can you check if Chris’ solution from this older post is working for you as well?

kiran · January 27, 2021, 7:52pm

Hello @Fuzzard, Looks like the reference you have provided is referring to cookies, however I have issues with the net Session variables like Session[“abc”]

Thanks

Fuzzard · January 28, 2021, 7:26pm

the update to the authentication type also seems to resolve the problem with adding separate session variables in my testing

with the default setup, HttpContext.User.Identity.IsAuthenticated returns false, while with that fix it returns true

kiran · January 28, 2021, 8:38pm

Interesting!
I am testing this fix.

Thanks

system · May 4, 2022, 3:38pm

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.