更换PC时,无限循环/重定向简单的ASP.NET OWIN Azure AD Web解决方案

时间:2018-07-09 09:57:07

标签: asp.net azure-active-directory owin-middleware

我有一个非常简单的ASP.NET Web解决方案(WebForms),该解决方案具有通过OWIN进行Azure AD身份验证的样板实现。在我的PC上进行本地测试时,它工作正常。我确实跳上了Windows笔记本电脑的床,然后从Visual Studio Team Services(GIT)中拉出了解决方案,并在笔记本电脑上的调试中运行了该解决方案。现在,当我尝试登录时,应用程序进入以下两个Web请求的无限循环(一个POST一个GET)。我不知道这是怎么回事。有人可以协助吗?这两个日志条目只是反复出现,直到我退出为止。 

> Application Insights Telemetry (unconfigured):
> {"name":"Microsoft.ApplicationInsights.Dev.Request","time":"2018-07-09T09:44:50.8000358Z","tags":{"ai.internal.sdkVersion":"web:2.2.0-738","ai.operation.id":"q2LZmfksgJg=","ai.location.ip":"::1","ai.cloud.roleInstance":"DESKTOP-8S777RV","ai.operation.name":"POST
> /"},"data":{"baseType":"RequestData","baseData":{"ver":2,"id":"q2LZmfksgJg=","name":"POST
> /","duration":"00:00:00.0070000","success":true,"responseCode":"302","url":"https://localhost:44378/","properties":{"DeveloperMode":"true"}}}}
> 
> 
> Application Insights Telemetry (unconfigured):
> {"name":"Microsoft.ApplicationInsights.Dev.Request","time":"2018-07-09T09:44:50.8189012Z","tags":{"ai.internal.sdkVersion":"web:2.2.0-738","ai.operation.id":"tDssyCSeipU=","ai.location.ip":"::1","ai.cloud.roleInstance":"DESKTOP-8S777RV","ai.operation.name":"GET
> /ScratchPad.aspx"},"data":{"baseType":"RequestData","baseData":{"ver":2,"id":"tDssyCSeipU=","name":"GET
> /ScratchPad.aspx","duration":"00:00:00.0010000","success":true,"responseCode":"401","url":"http://localhost:63907/ScratchPad.aspx","properties":{"DeveloperMode":"true"}}}}

编辑:我是OWIN / Azure身份认证的初学者,但我做了一些修改,发现没有将CookieSecureOption添加到我的Cookie AUthentication配置中,例如改变

app.UseCookieAuthentication(new CookieAuthenticationOptions ());


app.UseCookieAuthentication(new CookieAuthenticationOptions { CookieSecure = CookieSecureOption.Never });

使站点在调试时登录确定。我知道这不是一个安全的选择,但是我希望这可以帮助某人首先了解这个问题?因为一个小时前在另一台PC上进行测试时我不需要此选项?

1 个答案:

答案 0 :(得分:0)

OWIN / Katana有一个错误,导致您的Cookie消失。因此,您的解决方案将在90%的时间内工作,但在10%的时间内陷入这些无限循环。重新部署该应用程序可能会暂时修复它,但问题仍然存在。

解决此问题的一种方法是使用Nuget包kentor.owincookiesaver。您应该在owin启动类中的cookieauthentication调用之前调用此类,如下所示。

app.UseKentorOwinCookieSaver();

app.UseCookieAuthentication(new CookieAuthenticationOptions());

此处记录了该错误:https://github.com/aspnet/AspNetKatana/,此处记录了解决方法:https://github.com/Sustainsys/owin-cookie-saver

Nuget软件包已被下载177,000多次。

相关问题
最新问题