ASP.NET MVC 5:使用站点模板无限重定向到登录页面 [英] ASP.NET MVC 5 : Endless redirect to the login page using the site template
问题描述
我刚开始使用 ASP.NET MVC 5(我已经使用了很多以前的版本),我遇到了一个非常奇怪的问题:我使用 Visual Studio 2013(完全更新)ASP.NET 模板创建了一个新网站.对于模板选项,我选择了 MVC 模板,个人用户帐户"身份验证类型,没有云托管,除了核心 MVC 库之外没有其他组件.验证选项后,我更新所有 NuGet 包.之后我按 F5(不打开或修改任何新项目文件).
I just started using ASP.NET MVC 5 (I already used the previous versions quite a lot) and I have a very weird issue: I created a new website using the Visual Studio 2013 (fully updated) ASP.NET template. For the template options I selected the MVC template, "Individual User Accounts" authentication type, no cloud hosting, and no other components than the core MVC library. After I validate the options, I update all the NuGet packages. And after that I press F5 (without opening or modifying any of the new project files).
浏览器打开只显示错误页面,因为无限重定向循环:URL 显示:
The browser opens only to show an error page, because of an endless redirection loop: the URL shows :
http://localhost:24585/Account/Login?ReturnUrl=%2FAccount%2FLogin%3FReturnUrl%3D%252FAccount%252FLogin%253FReturnUrl%253D%25252FAccount%25252FLogin%25253FReturnUrl%25253D%2525252FAccount%252525<snip>
同样,这是使用未经修改的 ASP.NET MVC 模板.我确实检查了 cookie 身份验证选项中是否定义了登录 URL,这看起来不错:
Again, this is with the stock, unmodified ASP.NET MVC template. I did check that the login URL is defined in the cookie auth options, and that looks good :
// Configure the sign in cookie
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
Provider = new CookieAuthenticationProvider
{
// Enables the application to validate the security stamp when the user logs in.
// This is a security feature which is used when you change a password or add an external login to your account.
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
validateInterval: TimeSpan.FromMinutes(30),
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
}
});
唯一可能破坏默认网站的是全局 web.config/machine.config 文件中的某些内容,尽管我通常会避免在我的开发框中弄乱它们.在不更新 NuGet 包的情况下启动模板并不能解决问题.ASP.NET Identity 库可能有问题,但我真的不知道,也找不到与我的问题相关的任何信息.
The only thing that could maybe break the default website is something in the global web.config/machine.config files, although I usually avoid messing with them on my dev box. Launching the template without updating the NuGet packages does not solve the issue. There's probably something wrong with the ASP.NET Identity lib, but I don't really know it and I couldn't find any relevant info related to my issue.
问题:有谁知道问题是什么,或者至少解决此问题的最佳方法是什么?
Question: Does anyone know what the problem is, or at least what's the best way to troubleshoot this ?
谢谢
推荐答案
好的,经过一夜好眠后,我终于发现了问题所在:问题出在 IIS Express 配置中,在我创建时由于某种原因没有重置一个新项目,并且可能继承了以前项目的设置.它禁用了匿名身份验证并启用了 Windows 身份验证,这与模板创建的默认 web.config 不兼容,因为它的身份验证模式设置为 None.因此,IIS 期望在提供任何资源之前进行 Windows 身份验证,并且该网站没有要求提供 Windows 凭据.我们有一个无限循环.
Ok so after a good night's sleep I ended up finding what's wrong: the problem was in the IIS Express configuration, which was not reset for some reason when I created a new project, and probably inherited a previous project's settings. It had Anonymous Authentication disabled and Windows Authentication enabled, which is not compatible with the default web.config created by the template, since it had authentication mode set to None. So IIS was expecting a Windows authentication before any resource is served, and the website did not ask for Windows credentials. And there we have an infinite loop.
TL;DR 如果您遇到同样的问题,请检查项目属性(在解决方案资源管理器中选择项目,然后按 F4).Anonymous Authentication 条目应设置为 Enabled,Windows Authentication 条目应设置为 Disabled.请注意,这仅在您未在模板设置中选择 Windows 身份验证时才有效!
TL;DR If you have that same problem, check the project properties (select the project in the solution explorer, and press F4). The Anonymous Authentication entry should be set to Enabled, and the Windows Authentication entry should be set to Disabled. Note that this is only valid if you do not select Windows Authentication in the template settings !
这篇关于ASP.NET MVC 5:使用站点模板无限重定向到登录页面的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
