I am doing research on how to use Windows authentication be default, but being able to use a different authentication process if the user is not accessing site when connected to the VPN. I have created the boilerplate MVC web application and in program.cs have set the DefaultScheme, DefaultChallengeScheme, and DefaultAuthenticateScheme to be NegotiateDefaults.AuthenticatinoScheme in AddAuthentication(). I have also chained AddNegotiate(), AddCookie(), and AddopenIdConnect() after the AddAuthentication() function. Next, I decorated the Home and Privacy actions with a plain [Authorize] attribute. When I fire up the app in VS, the Home action properly navigates through the Negotiate authentication path. However, when I click the Privacy link the processing attempts to use OIDC. I cannot figure out why OIDC authentication is being attempted when the defaults all indicate Negotiate should be used. Has anyone encountered this and determined the cause?
What I have tried:
I have changed the order of the function chaining, but that did nothing. I have searched using multiple different prompts, but have not found anyone else who has encountered this.
Submit an article or tip