OWIN Cookie身份验证无法在IIS 8.5上运行
[英]OWIN Cookie authentication not working on IIS 8.5
问题描述
I have developed an ASP.NET webapp with OWIN authentication, which works fine on my development machine (Windows 10/IIS 10), but when the webapp is published to my Windows 2012 server with IIS 8.5, the cookie authentication does not seem te work. 
我开发了一个带有OWIN身份验证的ASP.NET webapp,它在我的开发机器(Windows 10 / IIS 10)上工作正常,但是当使用IIS 8.5将webapp发布到我的Windows 2012服务器时,cookie身份验证似乎不起作用。
When I login (with the IsPersistent setting to true) and close the browser, I am still logged on when I start my browser again, so that's OK. 当我登录(IsPersistent设置为true)并关闭浏览器时,我仍然在我再次启动浏览器时登录,所以没关系。 But when I restart IIS and startup the browser, I have to logon again. 但是,当我重新启动IIS并启动浏览器时,我必须再次登录。
I have created a very simple application to test this, with the following code: 我创建了一个非常简单的应用程序来测试它,使用以下代码:
Startup.cs Startup.cs
public void ConfigureAuthentication(IAppBuilder app)
{
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Login"),
CookieName = "ThisIsTheAuthCookie"
});
}
AuthenticationController.cs AuthenticationController.cs
public ActionResult Login(string userName, string password)
{
//For testing purposes every user/pwd is fine
var identity = new ClaimsIdentity(new [] { new Claim(ClaimTypes.Name, userName), },
DefaultAuthenticationTypes.ApplicationCookie,
ClaimTypes.Name, ClaimTypes.Role);
HttpContext.GetOwinContext().Authentication.SignIn(new AuthenticationProperties { IsPersistent = true }, identity);
return RedirectToAction("index", "home");
}
Even Chrome shows the cookie, but it looks like OWIN is not using it on IIS 8.5: 甚至Chrome也会显示Cookie,但看起来OWIN在IIS 8.5上没有使用它:
Does anybody have an idea what the problem is? 有人知道问题是什么吗?
Thx, Danny 谢谢,丹尼
3 个解决方案
解决方案1
0 2016-09-23 21:31:05
Can you try a couple of things and share the results :- 1. Restart the IIS , keeping the User-Agent. 您可以尝试一些事情并分享结果: - 1.重新启动IIS,保留User-Agent。 See if you are logged in now. 看看你现在是否登录。 2. Enable logging in Katana and check for this warning/error in the logs. 2.启用Katana日志记录并在日志中检查此警告/错误。
解决方案2
0 2016-09-28 06:41:31
Any result on this already? 对此有任何结果吗?
For me it looks like you have the cookie with the session ID available but the IIS server is not aware anymore on this session. 对我来说,看起来你有可用会话ID的cookie,但IIS服务器在这个会话上不再知道。 Are you sure you persist the session on the IIS server? 您确定在IIS服务器上保留会话吗? (and not 'In Process') (而不是'正在处理')
You can find the option under Session State in the IIS configuration. 您可以在IIS配置中的“会话状态”下找到该选项。 See TechNet Article IIS 请参阅TechNet文章IIS
解决方案3
0 已采纳 2016-10-03 22:02:58
The problem is solved. 问题已经解决了。 I had to add the MachineKey element in the web.config! 我不得不在web.config中添加MachineKey元素!
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.