Every time I do it I do it wrong and it takes me too much time to remember why it is wrong.

Let me explain the situation:

Everything seems fine and correct…fail…it does not work, when you try the application the result is:

  • Request to https://mydomain.com;
  • The authentication process kicks in and redirects to the Azure ACS hosted login page;
  • The use choses the authentication provider and perform the login;
  • The authentication provider redirects back to the ACS that redirects back to your application @ https://mydomain.com/FooBar;
  • HTTP 405, Method Not Allowed :-\

Can you spot the bug?

The return Url definition misses the trailing “/”, it must be https://mydomain.com/FooBar/, but why?

Because the process is not so simple as we can expect:

  • ….bla bla bla…
  • The authentication provider redirects back to the ACS that redirects back to your application @ https://mydomain.com/FooBar/ via a POST request;

When you perform a request to the extension less MVC Url handler the Url handler mst append a trailing / to the Url, if missing, otherwise all the runtime evaluated links on the client side will be wrong, in order to do that the handler can only perform a redirect to the same Url with the “/” appended, a redirect is generally dropped and not honored if the HTTP verb is POST, and for a good reason.

.m