.Net core 3.1 MVC 站点出现 http 403 错误
.Net core 3.1 MVC site gives a http 403 error
我有一个用 c# 和 .net core 3.1 MVC 编写的网站。对于这个站点,我启用了 SSL 和基于角色的身份验证,它托管在一些托管服务提供商上。当我尝试访问该站点时,有时会出现 http 403 forbidden: access denied 错误。但如果我清除浏览器的 cookie 并刷新页面,我就可以毫无问题地访问它。当我尝试访问 public (没有授权属性的控制器)时,我也遇到了这个问题。谁能帮我解决这个问题?非常感谢。
Startup.cs 文件中的我的 ConfigureServices 方法:
public void ConfigureServices(IServiceCollection services)
{
services.Configure<IISServerOptions>(options => { options.AutomaticAuthentication = false; });
services.AddDbContext<ApplicationDbContext>(options =>
options.UseSqlServer(
Configuration.GetConnectionString("DefaultConnection")));
services.AddIdentity<IdentityUser, IdentityRole>()
.AddEntityFrameworkStores<ApplicationDbContext>()
.AddDefaultTokenProviders();
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = IdentityConstants.ApplicationScheme;
options.DefaultChallengeScheme = IdentityConstants.ApplicationScheme;
options.DefaultSignInScheme = IdentityConstants.ExternalScheme;
});
services.AddScoped<IDbInitializer, DbInitializer>();
services.AddControllersWithViews();
services.AddRazorPages();
services.ConfigureApplicationCookie(options =>
{
options.ExpireTimeSpan = TimeSpan.FromHours(1);
options.LoginPath = "/Identity/Account/Login";
options.AccessDeniedPath = "/Identity/Account/AccessDenied";
});
services.AddTransient<IMessage, EmailService>();
}
我在Startup.cs中的配置方法:
public void Configure(IApplicationBuilder app, IWebHostEnvironment env, IDbInitializer initializer)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseDatabaseErrorPage();
}
else
{
//app.UseExceptionHandler("/Home/Error");
app.UseStatusCodePagesWithRedirects("/");
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
initializer.Initialize();
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllerRoute(
name: "user_default",
pattern: "{action=Index}",
defaults: new
{area = "User", controller = "Home", action = "Index"},
constraints: new {area = "User", controller = "Home"}
);
endpoints.MapControllerRoute(
name: "products_default",
pattern: "{controller}/{mainCategory}/{category}/{product}",
defaults: new
{area = "User", action = "Index", mainCategory = "", category = "", product = ""},
constraints: new
{area = "User", controller = "Products"}
);
endpoints.MapControllerRoute(
name: "user_subcontrollers_default",
pattern: "{controller=Home}/{action=Index}/{id?}",
defaults: new
{area = "User"},
constraints: new {area = "User"}
);
endpoints.MapControllerRoute(
name: "default",
pattern: "{area=User}/{controller=Home}/{action=Index}/{id?}");
endpoints.MapRazorPages();
});
}
原来是我们主机的防火墙设置导致了这个问题。在他们重新配置后,我们的 403 错误停止了。可悲的是,我不知道他们在防火墙中做了什么更改。
我有一个用 c# 和 .net core 3.1 MVC 编写的网站。对于这个站点,我启用了 SSL 和基于角色的身份验证,它托管在一些托管服务提供商上。当我尝试访问该站点时,有时会出现 http 403 forbidden: access denied 错误。但如果我清除浏览器的 cookie 并刷新页面,我就可以毫无问题地访问它。当我尝试访问 public (没有授权属性的控制器)时,我也遇到了这个问题。谁能帮我解决这个问题?非常感谢。
Startup.cs 文件中的我的 ConfigureServices 方法:
public void ConfigureServices(IServiceCollection services)
{
services.Configure<IISServerOptions>(options => { options.AutomaticAuthentication = false; });
services.AddDbContext<ApplicationDbContext>(options =>
options.UseSqlServer(
Configuration.GetConnectionString("DefaultConnection")));
services.AddIdentity<IdentityUser, IdentityRole>()
.AddEntityFrameworkStores<ApplicationDbContext>()
.AddDefaultTokenProviders();
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = IdentityConstants.ApplicationScheme;
options.DefaultChallengeScheme = IdentityConstants.ApplicationScheme;
options.DefaultSignInScheme = IdentityConstants.ExternalScheme;
});
services.AddScoped<IDbInitializer, DbInitializer>();
services.AddControllersWithViews();
services.AddRazorPages();
services.ConfigureApplicationCookie(options =>
{
options.ExpireTimeSpan = TimeSpan.FromHours(1);
options.LoginPath = "/Identity/Account/Login";
options.AccessDeniedPath = "/Identity/Account/AccessDenied";
});
services.AddTransient<IMessage, EmailService>();
}
我在Startup.cs中的配置方法:
public void Configure(IApplicationBuilder app, IWebHostEnvironment env, IDbInitializer initializer)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseDatabaseErrorPage();
}
else
{
//app.UseExceptionHandler("/Home/Error");
app.UseStatusCodePagesWithRedirects("/");
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
initializer.Initialize();
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllerRoute(
name: "user_default",
pattern: "{action=Index}",
defaults: new
{area = "User", controller = "Home", action = "Index"},
constraints: new {area = "User", controller = "Home"}
);
endpoints.MapControllerRoute(
name: "products_default",
pattern: "{controller}/{mainCategory}/{category}/{product}",
defaults: new
{area = "User", action = "Index", mainCategory = "", category = "", product = ""},
constraints: new
{area = "User", controller = "Products"}
);
endpoints.MapControllerRoute(
name: "user_subcontrollers_default",
pattern: "{controller=Home}/{action=Index}/{id?}",
defaults: new
{area = "User"},
constraints: new {area = "User"}
);
endpoints.MapControllerRoute(
name: "default",
pattern: "{area=User}/{controller=Home}/{action=Index}/{id?}");
endpoints.MapRazorPages();
});
}
原来是我们主机的防火墙设置导致了这个问题。在他们重新配置后,我们的 403 错误停止了。可悲的是,我不知道他们在防火墙中做了什么更改。