We are trying to prevent Cross Site Request Forgery attack in one of our action method in controller in MVC4. Below are the code change we made which works fine in VS 2013 but throws error in VS 2012 and the same error we are getting when deployed in Windows Server 2012-IIS 8.
View.cshtml
@using(Html.Beginform())
{@Html.antiforgerytoken()}
Controller.cs
[ValidateAntiforgeryToken]
public ActionResult actionmethod1()
{
<some code here>
}
VS2013- Above code works fine
VS2012- Throwing the following error
A claim of type 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier' or 'http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider' was not present on the provided ClaimsIdentity. To enable anti-forgery token support with claims-based authentication, please verify that the configured claims provider is providing both of these claims on the ClaimsIdentity instances it generates. If the configured claims provider instead uses a different claim type as a unique identifier, it can be configured by setting the static property AntiForgeryConfig.UniqueClaimTypeIdentifier.
When the published code using VS2013 is deployed in Windows Server 2012 IIS8 we are getting the same error mentioned above
1.What difference in VS2013 is making it to work, which is not working in VS2012 ? 2.What change should we do in IIS to make the code work like how it is working in VS2013?
