OWIN / IdentityServer login stuck in endless loop

Question

I have a working IdentityServer2 auth server that works fine. I am creating a new .NET MVC application and following this article (http://www.cloudidentity.com/blog/2014/02/20/ws-federation-in-microsoft-owin-componentsa-quick-start/) to set up MS OWIN with IDS2. I can reach the login screen but after logging in, the user is sent back to the calling website and gets stuck in an endless loop.

Startup.Auth.cs

using Microsoft.Owin.Security;
using Microsoft.Owin.Security.Cookies;
using Microsoft.Owin.Security.WsFederation;
using Owin;

namespace AZBarMail
{
    public partial class Startup
    {
        public void ConfigureAuth(IAppBuilder app)
        {
            app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);

            app.UseCookieAuthentication(
                new CookieAuthenticationOptions
                {
                    AuthenticationType =
                       WsFederationAuthenticationDefaults.AuthenticationType
                });
            app.UseWsFederationAuthentication(
                new WsFederationAuthenticationOptions
                {
                    MetadataAddress = "https://auth.azbar.org/federationmetadata/2007-06/federationmetadata.xml",
                    Wtrealm = "https://localhost:44310/",
                });
        }
    }
}

Portion of web.config

<system.web>
  <authentication mode="None" />
  <compilation debug="true" targetFramework="4.6.1" />
  <httpRuntime targetFramework="4.6.1" />
</system.web>

Startup.cs

using Microsoft.Owin;
using Owin;

[assembly: OwinStartup(typeof(AZBarMail.Startup))]
namespace AZBarMail
{
    public partial class Startup
    {
        public void Configuration(IAppBuilder app)
        {
            ConfigureAuth(app);
        }
    }
}

Redirect URL in IDS2

https://localhost:44310/

Answer 1

Issue finally resolved. Seems to have been an issue with the cookie type/settings.

Answer 2

Redirect your user to /account/login.

app.UseCookieAuthentication(new CookieAuthenticationOptions()
            {
                AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
                LoginPath = new PathString("/account/Login"),
                CookieName = CookieAuthenticationDefaults.CookiePrefix + "SampleClient",
                ReturnUrlParameter = CookieAuthenticationDefaults.ReturnUrlParameter,
                LogoutPath = new PathString("/account/Logout")
            });

app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

From /account/login, redirect to the external provider.

The externalprovider will create a cookie on its domain and you will create a cookie on your domain after receiving the response from external provider.