asp.net 身份在 20 分钟后过期不记名令牌 [英] asp.net identity expire bearer token after 20 min
问题描述
我有一个网络服务,用户可以登录服务并提供不记名令牌.
i have a web service, users can login to service and give bearer token.
在本地一切都很好,但在服务器(共享主机,windows 2012,iis 8.5)20分钟后,令牌已过期!!!
in local everything is good, but in server (shared host, windows 2012, iis 8.5) after 20 min, token has been expired !!!
我的 AccessTokenExpireTimeSpan 是:
my AccessTokenExpireTimeSpan is :
AccessTokenExpireTimeSpan = TimeSpan.FromDays(900),
同样在我的第一个请求中,我延迟了大约 5 秒.什么问题?
also in my first request, i give a delay about 5 sec. what is problem ?
推荐答案
我假设您在生产环境中有多个服务器.并且 ASP.NET Identity 正在使用服务器的机器密钥来生成令牌承载.因此,20 分钟后,您已被重定向"到另一台带有另一台机器密钥的服务器.
I asume that you in production have multiple servers. And ASP.NET Identity is using the server's machine key to generate the token bearer. So after 20 minutes you have been "redirected" to another server with another machine key.
一种解决方案是覆盖服务器的机器密钥.在 web.config 中设置机器密钥.所以所有服务器都有相同的机器密钥.
One solution is to override the machine key of the servers. With setting the machine key in the web.config. So all servers has the same machine key.
<machineKey validationKey="534766AC57A2A2F6A71E6F0757A6DFF55526F7D30A467A5CDE102D0B50E0B58D613C12E27E7E778D137058E" decryptionKey="7059303602C4B0B3459A20F9CB631" decryption="Auto" validation="SHA1"/>
如何生成和设置机器密钥:
https://technet.microsoft.com/sv-se/library/cc755177%28v=ws.10%29.aspxhttp://docs.orchardproject.net/Documentation/Setting-up-a-machine-key
解决方案 2 - 如果无法访问 IIS
Solution 2 - If don't have access to IIS
如果您不想修改 IIS 上的 machineKey 或无法访问它,您可以通过覆盖 startup.cs 中的默认设置轻松覆盖 ASP.NET 身份令牌提供程序文件.
If you dont' want to modify the machineKey on the IIS or doesn't have access to it you can ovveride ASP.NET Identity token provider easily by ovveriding the default settings in the startup.cs file.
你可以在这里找到一个例子:https://github.com/eashi/Samples/blob/master/OAuthSample/OAuthSample/App_Start/Startup.Auth.cs
An example of that can you find here: https://github.com/eashi/Samples/blob/master/OAuthSample/OAuthSample/App_Start/Startup.Auth.cs
这篇关于asp.net 身份在 20 分钟后过期不记名令牌的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
