How to get SSO on Site B from Site A using WIF and STS Provider

So here is the setup. I have an STS provider and 2 ASP.NET MVC sites both trusting the same STS provider. A user comes to Site A and is redirected to the STS provider passive login, authenticates properly, and is redirected back to site 'A' as expected. This all works great. I can see the token and identity in code in site 'A' using the following:

\[code\]
// Requires: using System.Threading; using Microsoft.IdentityModel.Claims;
IClaimsPrincipal claimsPrincipal = Thread.CurrentPrincipal as IClaimsPrincipal;
IClaimsIdentity claimsIdentity = (IClaimsIdentity)claimsPrincipal.Identity;
\[/code\]

Now there is a link on site 'A' to site 'B' that trusts the same STS provider. The issue is when I navigate to site 'B', the claim information is not present and the user is not automatically authenticated. According to the STS and WIF documentation the following should occur:

\[quote\] "The flow starts as usual, the user requests a page from B on site A and gets redirected to the STS to obtain a token. However, this time the user is already authenticated with the STS site because there is an active session represented by the STS cookie. This means the request for the STS page leads straight to execution of the SecurityTokenService issuing sequence without showing to the user any UI for credential gathering. The token is issued silently and forwarded to B according to the usual sequence. From the moment the user clicks on the link to B and the browser displays the requested page from B, only some flickering of the address bar in the browser will give away the fact that some authentication took place under the hood. That
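
The silent flow in the quoted documentation starts only when site B itself answers the unauthenticated request with a 401 and its WS-Federation module redirects to the STS; the session cookie WIF issued for site A is scoped to site A and carries no claims to B. The following is an added configuration example, not part of the original post, showing the WIF 3.5 settings on site B that produce that redirect. The hostnames `siteb.example` and `sts.example` and the thumbprint value are placeholders.

```xml
<!-- Site B web.config (WIF 3.5, Microsoft.IdentityModel). Added example; hostnames and thumbprint are placeholders. -->
<configuration>
  <configSections>
    <section name="microsoft.identityModel"
             type="Microsoft.IdentityModel.Configuration.MicrosoftIdentityModelSection, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
  </configSections>
  <system.web>
    <!-- Mode None: with Forms mode, FormsAuthentication turns the 401 into its own login redirect first -->
    <authentication mode="None" />
    <!-- Anonymous requests must end in a 401; an [Authorize] attribute on the MVC controller has the same effect -->
    <authorization>
      <deny users="?" />
    </authorization>
  </system.web>
  <system.webServer>
    <modules>
      <!-- Turns the 401 into a wsignin1.0 redirect and processes the token posted back by the STS -->
      <add name="WSFederationAuthenticationModule"
           type="Microsoft.IdentityModel.Web.WSFederationAuthenticationModule, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"
           preCondition="managedHandler" />
      <!-- Keeps site B's own session cookie once the token has been validated -->
      <add name="SessionAuthenticationModule"
           type="Microsoft.IdentityModel.Web.SessionAuthenticationModule, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"
           preCondition="managedHandler" />
    </modules>
  </system.webServer>
  <microsoft.identityModel>
    <service>
      <!-- Site B accepts only tokens issued for its own realm, not tokens issued for site A -->
      <audienceUris>
        <add value="https://siteb.example/" />
      </audienceUris>
      <federatedAuthentication>
        <wsFederation passiveRedirectEnabled="true" issuer="https://sts.example/"
                      realm="https://siteb.example/" requireHttps="true" />
        <cookieHandler requireSsl="true" />
      </federatedAuthentication>
      <!-- Pin the STS signing certificate so only the shared STS is trusted -->
      <issuerNameRegistry type="Microsoft.IdentityModel.Tokens.ConfigurationBasedIssuerNameRegistry, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35">
        <trustedIssuers>
          <add thumbprint="PLACEHOLDER_STS_SIGNING_CERT_THUMBPRINT" name="https://sts.example/" />
        </trustedIssuers>
      </issuerNameRegistry>
    </service>
  </microsoft.identityModel>
</configuration>
```

The STS must also list site B's realm as a relying party; a page on site B that allows anonymous access never returns a 401, so no redirect and no claims appear for it.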
 