尝试通过https访问时,.net core 2.0 cookie身份验证陷入无限重定向循环 [英] .net core 2.0 cookie authentication getting stuck in infinite redirect loop when trying to access over https
问题描述
我刚刚将代码移到使用https的质量检查环境中,而在Dev中工作的内容在质量检查中不起作用,因为浏览器陷入了无限重定向循环.我们的负载均衡器强制使用https,因此当登录重定向从代码发生时(出于某种原因,它试图重定向到http而不是https),负载均衡器将停止它并再次添加https,这将导致无限循环.我的问题是,为什么这段代码不仅重定向到https,而且路径在ConfigureServices()方法中是相对的.我在提琴手中看过它,它的确添加了FQDN以使用http而不是https进行重定向.
我是否需要在此处添加一些属性以允许https重定向?
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc();
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie(options =>
{
options.LoginPath = "/Account/LogIn";
options.LogoutPath = "/Account/LogOff";
});
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
app.UseAuthentication();
}
谢谢.
我们只使用:
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
... //settings and logging initialization
app.Use((context, next) =>
{
context.Request.Scheme = "https";
return next();
});
... //all the rest middleware calls
}
它在大多数情况下在OWIN和.Net Core最高2.0的情况下都可以提供帮助
I have just moved my code to our QA environment which uses https and what was working in Dev is not working in QA because the browser gets stuck in an infinite redirect loop. Our load balancer forces https so when the login redirect happens from code, which for some reason it's trying to redirect to http instead of https, the load balancer is stopping it and adding https again which causes the infinite loop. The question I have is why is this code not just redirecting to https, the path is relative in the ConfigureServices() method. I've looked at it in fiddler, and it is indeed adding the FQDN for the redirect with http instead of https.
Is there some property I need to add to options here to allow https redirects?
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc();
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie(options =>
{
options.LoginPath = "/Account/LogIn";
options.LogoutPath = "/Account/LogOff";
});
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
app.UseAuthentication();
}
thanks.
We just use:
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
... //settings and logging initialization
app.Use((context, next) =>
{
context.Request.Scheme = "https";
return next();
});
... //all the rest middleware calls
}
and it helps in most situations under OWIN and .Net Core up to 2.0
这篇关于尝试通过https访问时,.net core 2.0 cookie身份验证陷入无限重定向循环的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
