PasswordSignInAsync在本地工作,但不在Azure中工作 [英] PasswordSignInAsync working locally but not in Azure
问题描述
我有一个运行.Net 4.5.1和Identity 2的Web应用程序.
I have a web app running .Net 4.5.1 and Identity 2.
在我的WebApi中,我有一个iOSLoginController.cs,它使用从主要.NET Identity的AccountController.cs移植的代码.它是使用AFNetworking 2.0从我的iOS应用中获取的.
In my WebApi I have an iOSLoginController.cs using code grafted from the main .NET Identity's AccountController.cs. It's being fed from my iOS app using AFNetworking 2.0.
它在我的本地iis中可以在本地正常运行.登录正常.但是当发布到Azure时,它实际上并没有登录,但在以下位置仍显示成功":
var result = await SignInManager.PasswordSignInAsync(usernameToCheck, model.Password, false, shouldLockout: false);
// switch on result
switch (result)
{
case SignInStatus.Success: <-- it says it's successful ?!?
但是如果我立即在WebView中使用AFNetworking进行检查,则它没有登录并重定向到Login?ReturnURL = .. c(我的应用程序是混合的,使用Webviews来获取信息/统计信息,并使用native来进行登录/注册,因此可以正常工作Identity 1很好,这是一个升级站点)
But then if i check right away with AFNetworking in a WebView, it's not logged in and redirects to Login?ReturnURL=..c (My app is hybrid and uses Webviews for info/stats and native for login/signup and worked fine in Identity 1, this is an upgrade site)
这不是iOS应用程序,可以在我的本地IIS和其他常规物理服务器上正常运行.但是,当我更改API的基本URL指向Azure机器的位置时,它只是没有在登录用户...而是说成功了.我通过附加到VS2015中的过程进行了验证
It's not the iOS app, it is working fine against my local IIS and another regular physical server. But when I change where the base url for the API to point to the Azure machine, it's just not logging the person in... but saying success... I verified by attaching to the process in VS2015
我也在web.config中手动设置了机器密钥,这样它就不会旋转,并且在IIS开始回收进程时不会注销用户.
I have set a machine key manually as well in the web.config so it won't rotate and log users out when IIS starts recycling processes.
有什么想法吗?
推荐答案
现代浏览器引用公共后缀列表用于Cookie域,该域被视为公共域.
Modern browsers reference the Public Suffix List for cookie domains, which are regarded as public.
列表的初衷是因为需要保护顶级域名,例如.com,因为任何人都有可能为所有以.com结尾的域设置cookie,这将影响所有使用顶级.com域的域.
The idea of the list originally came from the need to protected top level domains, like .com, as it would have been possible for anyone to set a cookie for all domains ending .com, which would affect all sites with of the top level .com domain.
该列表还包含被视为公共的其他域.该列表由社区维护,其他域中的azurewebsites.net域是该列表的一部分.
The list also contains other domains considered to be public. This list is maintained by the community and the azurewebsites.net domain, amoung others, is part of this list.
由于这一点,一个人无法在共享域上的其他人的应用程序中设置azure应用程序并劫持cookie.
Thanks to this, it isn't possible for a person to setup an azure app and hijack cookies in other peoples apps on the shared domain.
这篇关于PasswordSignInAsync在本地工作,但不在Azure中工作的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
