I have a web app that uses custom forms authentication tickets. I am logging in using a custom authentication mechanism, and creating a custom authentication ticket.
From the web app I then make regular Ajax calls to an MVC2 controller to ask if the user is authenticated. The controller method looks like this:
public ActionResult GetAuthenticationStatus()
{
string responseDoc;
if (HttpContext.User != null
&& HttpContext.User.Identity.IsAuthenticated)
{
responseDoc = "{\"status\":\"authenticated\"}";
}
else{
responseDoc = "{\"status\":\"unauthenticated\"}";
}
return new ContentResult { Content = responseDoc, ContentType = "application/json" };
}
The IIS logs show that the authentication ticket cookie is arriving successfully at IIS, but my controller method is returning {\”status\”:\”unauthenticated\”} so obviously it seems my controller conditions for checking user authentication are incorrect.
Peculiarly, it all works fine in Chrome. However, it does not work in mobile Safari. Can anyone see anything wrong with my controller method?
Thanks.
I believe I have the answer. You need to specifically set web.config to force the use of cookies. My authentication setting in web.config now looks like this:
It is the cookieless=”UseCookies” entry that solved the problem. The default value for this is UseDeviceProfile. It must have been the case that an iPad does not have a consistent UseDeviceProfile regime.