我有一个带有此身份验证设置的Asp.NET MVC应用程序:
ConfigureServices():
services.AddSession()
services.AddAuthentication(sharedOptions => sharedOptions.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme);
配置():
app.UseCookieAuthentication(new CookieAuthenticationOptions());
app.UseOpenIdConnectAuthentication(new OpenIdConnectOptions
{
ClientId = "xx",
Authority = "xx",
Events = new OpenIdConnectEvents { OnRemoteFailure = this.OnAuthenticationFailed }
});
在IIS中托管时,某些用户会遇到此异常:
Microsoft.AspNetCore.Session.SessionMiddleware,
Error unprotecting the session cookie.
System.Security.Cryptography.CryptographicException: The key {9ec59def-874e-45df-9bac-d629f5716a04} was not found in the key ring.
at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.UnprotectCore(Byte[] protectedData, Boolean allowOperationsOnRevokedKeys, UnprotectStatus& status)
at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.DangerousUnprotect(Byte[] protectedData, Boolean ignoreRevocationErrors, Boolean& requiresMigration, Boolean& wasRevoked)
at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.Unprotect(Byte[] protectedData)
at Microsoft.AspNetCore.Session.CookieProtection.Unprotect(IDataProtector protector, String protectedText, ILogger logger)
我已在托管服务器https://github.com/aspnet/DataProtection/blob/dev/Provision-AutoGenKeys.ps1
上运行此功能Web只有HTTPS绑定,SSL证书可以签名。什么可能导致这个问题?究竟是什么"关键"值?
答案 0 :(得分:0)
更改以下内容的services.AddSession():
services.AddSession(options =>
{
// Set a short timeout for easy testing.
options.IdleTimeout = TimeSpan.FromMinutes(60);
// You might want to only set the application cookies over a secure connection:
options.Cookie.SecurePolicy = CookieSecurePolicy.Always;
options.Cookie.SameSite = SameSiteMode.Strict;
options.Cookie.HttpOnly = true;
// Make the session cookie essential
options.Cookie.IsEssential = true;
});
这应该可以解决您的问题!