Azure ACS relying party configuration: weird, but correct behavior.

Every time I do it I do it wrong and it takes me too much time to remember why it is wrong.

Let me explain the situation:

• Setup a relying party on Azure ACS identified in the following manner:
• Realm: https://mydomain.com/FooBar
• Return Url: https://mydomain.com/FooBar

Everything seems fine and correct…fail…it does not work, when you try the application the result is:

• Request to https://mydomain.com;
• The authentication process kicks in and redirects to the Azure ACS hosted login page;
• The use choses the authentication provider and perform the login;
• The authentication provider redirects back to the ACS that redirects back to your application @ https://mydomain.com/FooBar;
• HTTP 405, Method Not Allowed :-\

Can you spot the bug?

The return Url definition misses the trailing “/”, it must be https://mydomain.com/FooBar/, but why?

Because the process is not so simple as we can expect:

• ….bla bla bla…
• The authentication provider redirects back to the ACS that redirects back to your application @ https://mydomain.com/FooBar/ via a POST request;

When you perform a request to the extension less MVC Url handler the Url handler mst append a trailing / to the Url, if missing, otherwise all the runtime evaluated links on the client side will be wrong, in order to do that the handler can only perform a redirect to the same Url with the “/” appended, a redirect is generally dropped and not honored if the HTTP verb is POST, and for a good reason.

.m