401 Unauthorized error on subsequent REST API requests
I am getting a 401 Unauthorized error on subsequent REST API requests, after the 1st successful response with 200 Ok. See steps to reproduce below.
Steps to Reproduce:
Authenticate and Get Authorization Token - Successful
Submit First API Request - Successful
Note: This works fine when I debug locally or deploy on Azure. However, I get 401 Unauthorized in one of my hosting environments. And the support staff are giving me a hard time and are not able to resolve this issue.
Note: You may see a different bearer token in my screenshots, but I am passing the same token in all requests.
Update-1: Below is the response from both my domain (401) and Azure (200 ok) put side by side. I see Azure additionally sends ARRAffinity and ARRAffinitySameSite in cookies. Hope this info might help.
I was missing the Machine Key in my web.config file, which is needed for a web farm as my hosting environment uses 3 nameservers; it didn't recognize the token from the 2nd request onward.
From MS Docs: If you deploy your application in a Web farm, you must ensure that the configuration files on each server share the same value for validationKey and decryptionKey for Machine Key, which are used for hashing and decryption respectively. This is required as you can't guarantee which server will handle successive requests.
MS Docs: Webfarm Deployment Considerations
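The setting the answer describes, as an added example that is not part of the original post: a web.config fragment showing the per-server default beside an explicit machineKey shared by every node. The key values are placeholders, and the choice of HMACSHA256 and AES is an assumption, not something the answer states.

```xml
<!-- Constructed example; key values are placeholders, not real keys. -->
<configuration>
  <system.web>
    <!-- Before (the default when no machineKey element is present):
         each server generates its own keys, so a token protected on
         one node fails validation when the next request lands on another.
    <machineKey validationKey="AutoGenerate,IsolateApps"
                decryptionKey="AutoGenerate,IsolateApps" />
    -->

    <!-- After: identical explicit values in web.config on every server
         in the farm, so any node can validate and decrypt the token. -->
    <machineKey validationKey="REPLACE_WITH_SHARED_HEX_VALIDATION_KEY"
                decryptionKey="REPLACE_WITH_SHARED_HEX_DECRYPTION_KEY"
                validation="HMACSHA256"
                decryption="AES" />
  </system.web>
</configuration>
```

Generate both values with a cryptographic random number generator and handle them as secrets, since anyone holding them can forge or decrypt the data they protect.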