Reputation: 28111
Remove .AspNet prefix in cookie name
When using the OWIN Cookie authentication middleware, you can partially control the name of the cookie by changing the AuthenticationType in the properties, f.e.:
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = "Test",
//...
});
Above will result in a cookie named .AspNet.Test. Is there any way to get rid of that .AspNet. prefix because we believe it reveals valuable information about the stack we're using.
Upvotes: 2
Views: 1687
Answers (2)
Reputation: 926
If a custom cookie name is not set in CookieName property, it is derived internally based on the authentication type string in AuthenticationType property and hardcoded prefix ".AspNet."
if (string.IsNullOrEmpty(Options.CookieName))
{
Options.CookieName = ".AspNet." + Options.AuthenticationType;
}
Upvotes: 0
Reputation: 118957
You need to set the CookieName property. The docs say:
Determines the cookie name used to persist the identity. The default value is ".AspNet.Cookies". This value should be changed if you change the name of the AuthenticationType, especially if your system uses the cookie authentication middleware multiple times.
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = "Test",
CookieName = "YourNameGoesHere",
//...
});
Upvotes: 4
Related Questions
- How to remove a cookie in PHP?
- How does cookie-based authentication work?
- How to delete a cookie?
- What is the correct way to trigger OWIN cookie middleware set to passive authentication mode?
- Get cookie by name
- How do I set/unset a cookie with jQuery?
- OWIN OpenId Authentication - Active Session after logout
- .NET OWIN Authentication - Cookie + Windows (active directory)