ASP.Net Core 1.0.0-preview2 无限重定向循环
ASP.Net Core 1.0.0-preview2 infinite redirect loop
当我像这样发布应用程序时,出现无限重定向循环:
/Account/Login?ReturnUrl=%2FLPanel3%2FHome%2FError%3FReturnUrl%3D%252FLPanel3%252FHome%252FError%253FReturnUrl%253D%25252FLPanel3%25252FHome%25252FError%25253FReturnUrl%25253D%2525252FLPanel3%2525252FHome%2525252FError%2525253FReturnUrl%2525253D%252525252FLPanel3%252525252FHome%...
但是在我的帐户控制器上我有 [AllowAnonymous] 但它没有帮助。我的启动看起来像这样:
public class Startup
{
public Startup(IHostingEnvironment env)
{
var builder = new ConfigurationBuilder()
.SetBasePath(env.ContentRootPath)
.AddJsonFile("appsettings.json", optional: true, reloadOnChange: true)
.AddJsonFile($"appsettings.{env.EnvironmentName}.json", optional: true);
if (env.IsDevelopment())
{
builder.AddUserSecrets();
builder.AddApplicationInsightsSettings(developerMode: true);
}
builder.AddEnvironmentVariables();
Configuration = builder.Build();
}
public IConfigurationRoot Configuration { get; set; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthorization(options =>
{
options.AddPolicy("AdministratorOnly", policy => policy.RequireRole("Administrator", "Create", "Access", "Manage"));
options.AddPolicy("Manage", policy => policy.RequireRole("Create", "Access", "Manage"));
options.AddPolicy("Access", policy => policy.RequireRole("Access"));
});
services.AddApplicationInsightsTelemetry(Configuration);
services.AddDbContext<ApplicationDbContext>(options =>
options.UseSqlServer(Configuration.GetConnectionString("Connection")));
services.AddIdentity<ApplicationUser, IdentityRole>(options =>
{
options.Cookies.ApplicationCookie.CookieName = "Cookie";
options.Cookies.ApplicationCookie.ExpireTimeSpan = TimeSpan.FromHours(1);
options.Cookies.ApplicationCookie.SlidingExpiration = true;
})
.AddEntityFrameworkStores<ApplicationDbContext>()
.AddDefaultTokenProviders();
services.AddMvc(config =>
{
var policy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build();
config.Filters.Add(new AuthorizeFilter(policy));
}).AddJsonOptions(opt =>
opt.SerializerSettings.ContractResolver = new CamelCasePropertyNamesContractResolver())
.AddJsonOptions(opt => opt.SerializerSettings
.ReferenceLoopHandling = ReferenceLoopHandling.Ignore);
services.AddLogging();
services.AddTransient<IEmailSender, AuthMessageSender>();
services.AddTransient<ISmsSender, AuthMessageSender>();
services.AddScoped<ILPRepository, LPRepository>();
services.AddTransient<SeedDatabase>();
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory, SeedDatabase seeder)
{
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();
if (env.IsDevelopment())
{
app.UseBrowserLink();
app.UseDeveloperExceptionPage();
app.UseDatabaseErrorPage();
}
else
{
app.UseExceptionHandler("/Home/Error");
try
{
using (var serviceScope = app.ApplicationServices.GetRequiredService<IServiceScopeFactory>()
.CreateScope())
{
serviceScope.ServiceProvider.GetService<ApplicationDbContext>()
.Database.Migrate();
}
}
catch { }
}
app.UseApplicationInsightsExceptionTelemetry();
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationScheme = "Cookie",
LoginPath = new PathString("/Account/Login/"),
AccessDeniedPath = new PathString("/Account/Forbidden/"),
AutomaticAuthenticate = true,
AutomaticChallenge = true
});
app.UseStaticFiles();
app.UseIdentity();
app.UseStatusCodePagesWithReExecute("/Home/Errors/{0}");
app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller}/{action}/{id?}",
defaults: new { controller = "Home", action = "Index" }
);
});
}
}
我没有任何其他库正在寻找登录、身份验证等...
我已通过在 IIS 中创建新网站并将我的匿名身份验证用户设置为 "Application Pool" 而不是特定用户 "IUSR" 并在我的应用程序上设置 https 来修复它。
现在终于可以用了。并且必须启用匿名身份验证。您可以在 launchSettings.json
上配置
"iisSettings": {
"windowsAuthentication": false,
"anonymousAuthentication": true,
"iisExpress": {
"applicationUrl": "http://localhost:60888/",
"sslPort": 44444
}},
要启用 https,您还需要在 startup.cs
中进行配置
services.AddMvc(config =>
{
var policy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build();
#if !DEBUG
config.Filters.Add(new RequireHttpsAttribute());
#endif
config.Filters.Add(new AuthorizeFilter(policy));
}).AddJsonOptions(opt =>
opt.SerializerSettings.ContractResolver = new CamelCasePropertyNamesContractResolver())
.AddJsonOptions(opt => opt.SerializerSettings
.ReferenceLoopHandling = ReferenceLoopHandling.Ignore);
}
当我像这样发布应用程序时,出现无限重定向循环:
/Account/Login?ReturnUrl=%2FLPanel3%2FHome%2FError%3FReturnUrl%3D%252FLPanel3%252FHome%252FError%253FReturnUrl%253D%25252FLPanel3%25252FHome%25252FError%25253FReturnUrl%25253D%2525252FLPanel3%2525252FHome%2525252FError%2525253FReturnUrl%2525253D%252525252FLPanel3%252525252FHome%...
但是在我的帐户控制器上我有 [AllowAnonymous] 但它没有帮助。我的启动看起来像这样:
public class Startup
{
public Startup(IHostingEnvironment env)
{
var builder = new ConfigurationBuilder()
.SetBasePath(env.ContentRootPath)
.AddJsonFile("appsettings.json", optional: true, reloadOnChange: true)
.AddJsonFile($"appsettings.{env.EnvironmentName}.json", optional: true);
if (env.IsDevelopment())
{
builder.AddUserSecrets();
builder.AddApplicationInsightsSettings(developerMode: true);
}
builder.AddEnvironmentVariables();
Configuration = builder.Build();
}
public IConfigurationRoot Configuration { get; set; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthorization(options =>
{
options.AddPolicy("AdministratorOnly", policy => policy.RequireRole("Administrator", "Create", "Access", "Manage"));
options.AddPolicy("Manage", policy => policy.RequireRole("Create", "Access", "Manage"));
options.AddPolicy("Access", policy => policy.RequireRole("Access"));
});
services.AddApplicationInsightsTelemetry(Configuration);
services.AddDbContext<ApplicationDbContext>(options =>
options.UseSqlServer(Configuration.GetConnectionString("Connection")));
services.AddIdentity<ApplicationUser, IdentityRole>(options =>
{
options.Cookies.ApplicationCookie.CookieName = "Cookie";
options.Cookies.ApplicationCookie.ExpireTimeSpan = TimeSpan.FromHours(1);
options.Cookies.ApplicationCookie.SlidingExpiration = true;
})
.AddEntityFrameworkStores<ApplicationDbContext>()
.AddDefaultTokenProviders();
services.AddMvc(config =>
{
var policy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build();
config.Filters.Add(new AuthorizeFilter(policy));
}).AddJsonOptions(opt =>
opt.SerializerSettings.ContractResolver = new CamelCasePropertyNamesContractResolver())
.AddJsonOptions(opt => opt.SerializerSettings
.ReferenceLoopHandling = ReferenceLoopHandling.Ignore);
services.AddLogging();
services.AddTransient<IEmailSender, AuthMessageSender>();
services.AddTransient<ISmsSender, AuthMessageSender>();
services.AddScoped<ILPRepository, LPRepository>();
services.AddTransient<SeedDatabase>();
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory, SeedDatabase seeder)
{
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();
if (env.IsDevelopment())
{
app.UseBrowserLink();
app.UseDeveloperExceptionPage();
app.UseDatabaseErrorPage();
}
else
{
app.UseExceptionHandler("/Home/Error");
try
{
using (var serviceScope = app.ApplicationServices.GetRequiredService<IServiceScopeFactory>()
.CreateScope())
{
serviceScope.ServiceProvider.GetService<ApplicationDbContext>()
.Database.Migrate();
}
}
catch { }
}
app.UseApplicationInsightsExceptionTelemetry();
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationScheme = "Cookie",
LoginPath = new PathString("/Account/Login/"),
AccessDeniedPath = new PathString("/Account/Forbidden/"),
AutomaticAuthenticate = true,
AutomaticChallenge = true
});
app.UseStaticFiles();
app.UseIdentity();
app.UseStatusCodePagesWithReExecute("/Home/Errors/{0}");
app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller}/{action}/{id?}",
defaults: new { controller = "Home", action = "Index" }
);
});
}
}
我没有任何其他库正在寻找登录、身份验证等...
我已通过在 IIS 中创建新网站并将我的匿名身份验证用户设置为 "Application Pool" 而不是特定用户 "IUSR" 并在我的应用程序上设置 https 来修复它。
现在终于可以用了。并且必须启用匿名身份验证。您可以在 launchSettings.json
上配置"iisSettings": {
"windowsAuthentication": false,
"anonymousAuthentication": true,
"iisExpress": {
"applicationUrl": "http://localhost:60888/",
"sslPort": 44444
}},
要启用 https,您还需要在 startup.cs
中进行配置 services.AddMvc(config =>
{
var policy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build();
#if !DEBUG
config.Filters.Add(new RequireHttpsAttribute());
#endif
config.Filters.Add(new AuthorizeFilter(policy));
}).AddJsonOptions(opt =>
opt.SerializerSettings.ContractResolver = new CamelCasePropertyNamesContractResolver())
.AddJsonOptions(opt => opt.SerializerSettings
.ReferenceLoopHandling = ReferenceLoopHandling.Ignore);
}