I have an ASP.NET Core MVC application that also hosts an API. The site uses Identity defaults so when you log in a cookie is set. The API has been configured to use JWT Bearer authentication.
I also have a separate ASP.Net Core MVC app that hosts a Javascript SPA that communicates to this other site as the authentication server and the API.
On my dev machine these projects use different ports and when the I log in to the main API site a cookie is set and I can see that the cookie path is set to root " / ". This is the desired behaviour since I want the Javascript SPA to know that I am authenticated and logged in.
When I deploy this to our IIS server, I give each app a virtual path like so:
Site 1: /SPA Site 2: /API
When I deploy this to IIS, I notice that the cookie Path is set to "/API".
This is not the desired behaviour as the SPA app thinks I am not authenticated.
I want to be able to override this and set the cookie path explicitly to root "/".
How do I set the the cookie path while still allowing for JWT Bearer authentication?
You should be able to configure the cookie path in ConfigureServices
like:
services.ConfigureApplicationCookie(options =>
{
options.Cookie.Path = "/";
});
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.