Problem with windows auth and CORS when logon popup opens
Posted on 2016-08-12
Hello all, thanks in advance
I am having an issue that is very specific. I am not fully aware of all the entrapments of CORS and windows auth has, but I am trying to implement windows auth for SSO on a web project I am currently working on.
I have it working correctly up to a point.
There happens (intermittently) a deconnect and somehow the server loses the auth and asks for a logon (although it could also be the browser side that loses the info and pops open the logon ... I am not sure which ...). The logon popup screen looks enough like the one the windows OS would open up for you (either for browser CORS of local logon), and I use my credentials of the user logged on the windows machine, however I get wrong password / username error.... which doesn't make sense as I am correctly typing it in.
I am either not authenticating with a proper popup, or the auth is being done without proper info. I would like to know what sort of extra tools I could use to validate and debug this issue, as I am currently unable to reproduce this locally on my dev env. using visual studio, and this happens when deployed on the server.
I can always reproduce this bug by hitting F5 refresh, and then trying to do an action that requires auth. I wonder if there is just a setting missing in my config file on the server that says to allow creds to be reentered if ever a disconnect happens from the server.
btw- this web app has a offline feature, that allows a user to still work offline (SPA) and when back online, should be able to just reenter the creds (in the popup) and continue working as is. So far I have not yet had succes after the F5 refresh happens....otherwise works ok the rest of the time.