iis “取消保护会话cookie时出错”异常错误

7xzttuei  于 2022-11-12  发布在  其他
关注(0)|答案(3)|浏览(194)

我有一个使用此身份验证设置的ASP.NET MVC应用程序:
配置服务():

services.AddSession()
services.AddAuthentication(sharedOptions => sharedOptions.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme);

设定():

app.UseCookieAuthentication(new CookieAuthenticationOptions());
        app.UseOpenIdConnectAuthentication(new OpenIdConnectOptions
        {
            ClientId = "xx",
            Authority = "xx",
            Events = new OpenIdConnectEvents { OnRemoteFailure = this.OnAuthenticationFailed }
        });

在IIS中承载时,某些用户会遇到此异常:

Microsoft.AspNetCore.Session.SessionMiddleware, 
      Error unprotecting the session cookie.
System.Security.Cryptography.CryptographicException: The key {9ec59def-874e-45df-9bac-d629f5716a04} was not found in the key ring.
   at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.UnprotectCore(Byte[] protectedData, Boolean allowOperationsOnRevokedKeys, UnprotectStatus& status)
   at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.DangerousUnprotect(Byte[] protectedData, Boolean ignoreRevocationErrors, Boolean& requiresMigration, Boolean& wasRevoked)
   at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.Unprotect(Byte[] protectedData)
   at Microsoft.AspNetCore.Session.CookieProtection.Unprotect(IDataProtector protector, String protectedText, ILogger logger)

我已经在托管服务器https://github.com/aspnet/DataProtection/blob/dev/Provision-AutoGenKeys.ps1上运行了此程序
Web仅具有HTTPS绑定,SSL证书正常且已签名。可能导致此问题的原因是什么?“密钥”值实际是什么?

68bkxrlz

68bkxrlz1#

services.AddSession(options => {
    options.IdleTimeout = TimeSpan.FromHours(12);
    options.Cookie.Name = ".yourApp.Session"; // <--- Add line
    options.Cookie.IsEssential = true;
});
vh0rcniy

vh0rcniy2#

我遇到了同样的问题。我通过以下方法解决了它:

*按如下所述配置会话https://learn.microsoft.com/en-us/aspnet/core/fundamentals/app-state?view=aspnetcore-5.0

启动的ConfigureServices方法:

services.AddControllersWithViews()
            .AddSessionStateTempDataProvider();

    services.AddRazorPages()
            .AddSessionStateTempDataProvider();

    services.AddSession(options =>
    {
        options.IdleTimeout = TimeSpan.FromHours(4);
        options.Cookie.SecurePolicy = CookieSecurePolicy.Always;
        options.Cookie.SameSite = SameSiteMode.Strict;
        options.Cookie.HttpOnly = true;
        // Make the session cookie essential if you wish
        //options.Cookie.IsEssential = true;
    });

启动的Configure方法:

app.UseCookiePolicy();

        app.UseSession();

*删除此网站浏览器中所有现有的Cookie(或者服务器可能会尝试读取旧的Cookie,即使您同时修复了该问题)

nuypyhwy

nuypyhwy3#

更改您的service.addSession()为以下内容:

services.AddSession(options =>
    {
        // Set a short timeout for easy testing.
        options.IdleTimeout = TimeSpan.FromMinutes(60);
        // You might want to only set the application cookies over a secure connection:
        options.Cookie.SecurePolicy = CookieSecurePolicy.Always;
        options.Cookie.SameSite = SameSiteMode.Strict;
        options.Cookie.HttpOnly = true;
        // Make the session cookie essential
        options.Cookie.IsEssential = true;
    });

这应该可以解决您的问题!

相关问题