我使用ASP .NET CORE 2。 我在Startup.cs中使用此代码
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie(options =>
{
options.LoginPath = new PathString("/Account/Login");
options.AccessDeniedPath = new PathString(/Account/AccessDenied);
options.ExpireTimeSpan = TimeSpan.FromMinutes(3 * 60 + 1);
});
我没有登录,所以我的网站重定向到
https://localhost/Account/Login?ReturnUrl=%252Fbbb。
它正在开发中。我得到了网址
https://aaaaa.com/?ReturnUrl=%252Fbbb在生产中。
如何解决?我搜索了Google,但找不到任何内容。
答案 0 :(得分:0)
我的Apache代理文件000-default.conf
<VirtualHost *:80>
ServerName aaaaa.com
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/ [R,L]
</VirtualHost>
<VirtualHost *:443>
ProxyPreserveHost On
ProxyPass "/" "http://localhost:5000/"
ProxyPassReverse "/" "http://localhost:5000/"
ErrorLog /var/log/httpd/aaaaa-error.log
CustomLog /var/log/httpd/aaaaa-access.log common
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:!RC4+RSA:+HIGH:+MEDIUM:!LOW:!RC4
SSLCertificateFile /etc/ssl/certs/apache-selfsigned.crt
SSLCertificateKeyFile /etc/ssl/private/apache-selfsigned.key
</VirtualHost>
Startup.cs中的代码
services.ConfigureApplicationCookie(options =>
{
options.LoginPath = new PathString("/Account/Login");
options.AccessDeniedPath = new PathString(/Account/AccessDenied);
options.Events.OnRedirectToLogin = context =>
{
LogManager.GetLogger(this.GetType()).Info("OnRedirectToLogin->RedirectUri: " + context.RedirectUri);
#if DEBUG
context.Response.Redirect(context.RedirectUri);
#else
string strURL = context.RedirectUri.ToLower();
if (strURL.StartsWith("http://"))
{
strURL = strURL.Replace("http://", "https://", StringComparison.CurrentCultureIgnoreCase);
}
context.Response.Redirect(strURL);
#endif
return Task.CompletedTask;
};
});
记录显示HTTP协议http://aaaaa.com/Account/Logon?ReturnUrl=%252Fbbb,然后显示Apache 从URL切断“帐户/登录”时重定向到HTTPS。
解决方案很简单,将HTTP替换为HTTPS,这样Apache就不会重定向。
Edward和MarkG,非常感谢您的提示!