Our organization has a central solution for forms authentication. I am trying to implement an ASP.Net MVC app that uses this external URL – and it worked till RC! was released…
Here’s what’s happening
In an ActionAttribute Extension
I check for s session var if not found check for a request data chuck if found, set the session var if not found – redirect to external URL if found continue.
The trouble is that till I updated to RC1, this worked. Since then, so many requests are being sent to the external URL that it detects a DoS attack and shuts me out!
I removed the redirection code and replaced it with the web.config changes for Forms Auth – and the same thing happened…
I resolved this issue by creating a static dictionary of requesting IPs, and dropping duplicate requests from the same IP. Not a very nice solution – so if anyone figures out a better solution – let me know.