ASP.Net MVC身份无限重定向循环

Question

我有一个ASP.Net MVC5应用程序，使用身份“开箱即用”模板，根据ASP.Net Identity 2.0.0。我需要升级它以使用最新ASP.Net MVC模板中的新代码，即使用SignInManager类。

我在原始应用程序中的代码和最新生成的模板之间进行了一些A | B比较，并移植了所有我可以看到的不同之处。

然而，我得到一个奇怪的错误，我怀疑OWIN相关。当我尝试登录或注册时，它会触发一个重定向循环，最终导致应用程序崩溃并发出安全警告，因为URL查询字符串已连接到死亡状态。

网址是： https://localhost:44302/Account/Login?ReturnUrl=%2FAccount%2FLogin%3FReturnUrl%3D%252FAccount%252FLogin%253FReturnUrl%253D%25252FAccount%25252FLogin%25253FReturnUrl%25253D%2525252FAccount%2525252FLogin%2525253FReturnUrl%2525253D%252525252FAccount%252525252FLogin%252525253FReturnUrl%252525253D%25252525252FAccount%25252525252FLogin%25252525253FReturnUrl%25252525253D%2525252525252FAccount%2525252525252FLogin%2525252525253FReturnUrl%2525252525253D%252525252525252FAccount%252525252525252FLogin%252525252525253FReturnUrl%252525252525253D%25252525252525252FAccount%25252525252525252FLogin%25252525252525253FReturnUrl%25252525252525253D%2525252525252525252FAccount%2525252525252525252FLogin%2525252525252525253FReturnUrl%2525252525252525253D%252525252525252525252FAccount%252525252525252525252FLogin%252525252525252525253FReturnUrl%252525252525252525253D%25252525252525252525252FAccount%25252525252525252525252FLogin%25252525252525252525253FReturnUrl%25252525252525252525253D%2525252525252525252525252FAccount%2525252525252525252525252FLogin%2525252525252525252525253FReturnUrl%2525252525252525252525253D%252525252525252525252525252FAccount%252525252525252525252525252FLogin%252525252525252525252525253FReturnUrl%252525252525252525252525253D%25252525252525252525252525252FAccount%25252525252525252525252525252FLogin%25252525252525252525252525253FReturnUrl%25252525252525252525252525253D%2525252525252525252525252525252FAccount%2525252525252525252525252525252FLogin%2525252525252525252525252525253FReturnUrl%2525252525252525252525252525253D%252525252525252525252525252525252FAccount%252525252525252525252525252525252FLogin%252525252525252525252525252525253FReturnUrl%252525252525252525252525252525253D%25252525252525252525252525252525252FAccount%25252525252525252525252525252525252FLogin%25252525252525252525252525252525253FReturnUrl%25252525252525252525252525252525253D%2525252525252525252525252525252525252FAccount%2525252525252525252525252525252525252FLogin%2525252525252525252525252525252525253FReturnUrl%2525252525252525252525252525252525253D%252525252525252525252525252525252525252FAccount%252525252525252525252525252525252525252FLogin

详细错误信息：

模块 RequestFilteringModule

通知 BeginRequest

处理程序 ExtensionlessUrlHandler-Integrated-4.0

错误代码 0x00000000

在所有方法中引用ReturnUrl时，我使用了完全相同的设置。

在大多数情况下，我的应用程序的原始AccountController和相关的安全代码未触及原始模板。 我的新示例应用程序在我的本地计算机上运行正常，所以我不确定它们之间的区别。

我看到过帖子暗示IIS Express配置应该受到指责，但我已经遵循了清理建议，并且也发布到Azure网站，结果相同。

我花了很多时间试图解决这个问题并且没有取得任何成功，所以我想我会把它放在那里寻求一些建议......提前感谢任何＆amp;一切都有帮助如果您需要查看更多代码，请与我们联系。

Answer 1

我认为您的登录操作缺少[AllowAnonymous]属性。

Answer 2

您是否在本地设置了SSL？ 在HTTPS上进行身份验证然后被重定向到HTTP，这会破坏cookie和＆amp;重定向回HTTPS登录页面

您是否在web.config中获得了表单身份验证重定向（如

）

  protection="All" requireSSL="true" loginUrl="~/Account/Login.aspx"

你的饼干看起来不错吗？

Answer 3

已解决......结果证明罪魁祸首是我的Unity DI配置。

我深入研究了每个重定向上递归抛出的错误，并且它表明AccountController依赖关系没有被实例化。我去年有一个类似的问题Unity Container trying to resolve non registered type, throwing error，所以我进一步研究了改变的依赖关系。

按照Register IAuthenticationManager with Unity的建议回答解决了这个问题。

感谢您提出的建议：SSL / HTTPS /过滤器，调查这些建议导致了例外情况。

Answer 4

之前我也遇到过同样的问题，并通过在网络配置中添加此行来解决

<add key="owin:AutomaticAppStartup" value="false"/>

它将禁用OWIN启动发现。

我希望它能奏效。

还要检查IIS虚拟目录。检查匿名用户是否启用，如果禁用，则启用它，问题将得到解决。