数据保护密钥未保留到Azure
[英]Data Protection Keys Not Persisted To Azure
问题描述
I have an ASP.NET Core application hosted in IIS in an Azure VM. 
我在Azure VM中的IIS中托管了一个ASP.NET Core应用程序。 I call the extension method to persist they key to Azure but nothing is ever stored there and the application seems to still be using local keys. 我调用扩展方法来保持它们键入Azure,但没有任何东西存储在那里,应用程序似乎仍然使用本地密钥。 I followed the example here: http://intellitect.com/staying-logged-across-azure-app-service-swap/ exactly. 我按照这里的例子: http : //intellitect.com/staying-logged-across-azure-app-service-swap/ 。 As a matter of fact, when I test the code in a console application, persistence works fine. 事实上,当我在控制台应用程序中测试代码时,持久性工作正常。 However, when I run the ASP.NET Core app with this code, nothing ever gets persisted to Azure. 但是,当我使用此代码运行ASP.NET Core应用程序时,Azure中没有任何内容持久存在。 Any ideas why? 有什么想法吗?
3 个解决方案
解决方案1
5 2017-08-16 03:08:16
Please check the order of registering MVC service and DataProtection service. 请检查注册MVC服务和DataProtection服务的顺序。 Registering DataProtection service must be before registering MVC service. 注册DataProtection服务必须在注册MVC服务之前。 Code below is for your reference. 以下代码供您参考。
// Add DataProtection Service
if (storageUrl != null && sasToken != null && containerName != null && applicationName != null && blobName != null)
{
// Create the new Storage URI
Uri storageUri = new Uri($"{storageUrl}{sasToken}");
//Create the blob client object.
CloudBlobClient blobClient = new CloudBlobClient(storageUri);
//Get a reference to a container to use for the sample code, and create it if it does not exist.
CloudBlobContainer container = blobClient.GetContainerReference(containerName);
container.CreateIfNotExists();
services.AddDataProtection()
.SetApplicationName(applicationName)
.PersistKeysToAzureBlobStorage(container, blobName);
}
// Add framework services.
services.AddMvc();
解决方案2
3 已采纳 2017-08-18 20:38:33
I marked the above response as an answer because it's correct and an important point. 我将上面的回答标记为答案,因为它是正确的,也是重要的一点。 However, the real answer to this question is key data is not persisted just because the app starts up and you called PersistKeysToAzureBlobStorage (or any other PersistToXXX method). 但是,这个问题的真正答案是关键数据不会因为应用程序启动而持久存在而且您调用了PersistKeysToAzureBlobStorage(或任何其他PersistToXXX方法)。 That's just for configuration of data protection. 这只是用于配置数据保护。 You can say it's "lazy". 你可以说它是“懒惰的”。 The key data will be generated with your code or the framework first calls Protect/Unprotect as in the following: 密钥数据将使用您的代码生成,或者框架首先调用Protect / Unprotect,如下所示:
var protector = provider.CreateProtector("Some Purpose");
var enc = protector.Protect("Hello World");
...
protector.Unprotect(enc);
解决方案3
1 2019-09-05 11:40:26
The marked answer helped me to debug the issue I was having with keys not being persisted to blob storage. 明确的答案帮助我调试了我所遇到的问题,因为密钥没有被持久化到blob存储。
In my case it was the lack of a root element in the existing blob/xml. 在我的例子中,现有的blob / xml中缺少一个根元素。
If there is an existing blob that is being referenced, it must contain the following content in order for the data protection library to populate it with the keys upon lazy initialisation: 如果存在正在引用的现有blob,则它必须包含以下内容,以便数据保护库在延迟初始化时使用键填充它:
<?xml version="1.0" encoding="utf-8"?><repository></repository>
The documentation doesn't mention this. 文档没有提到这一点。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.