stackoom
  简体   繁体   中英

ASP.NET MVC application behind reverse proxy - using wrong host name after auth

 原文  2018-05-22 18:57:53       asp.net/ asp.net-mvc/ iis-7/ owin/ reverse-proxy

Question

I have an ASP.NET MVC application using OWIN authentication that is running behind a reverse proxy.

The authentication in ASP.NET is set up like this: 

        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,

            LoginPath = new PathString("/Account/Login"),
            Provider = new CookieAuthenticationProvider
            {
                // Enables the application to validate the security stamp when the user logs in.
                // This is a security feature which is used when you change a password or add an external login to your account.  
                OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
                    validateInterval: TimeSpan.FromMinutes(30),
                    regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
            }
        });

The reverse proxy in iis is setup like this in the web.config: 

<system.webServer>
<httpErrors errorMode="Detailed" />
<asp scriptErrorSentToBrowser="true"/>
    <rewrite>
            <rule name="proxy" stopProcessing="true">
                <match url="^app/?(.*)" />
                <serverVariables>
                    <set name="X_REQUESTED_URL_PATH" value="{R:1}" />
                </serverVariables>
                <action type="Rewrite" url="https://myapp.mydomain.toplevel/app/{R:1}" />
            </rule>
    </rewrite>
<system.webServer>

The reverse proxy is hosted at https://www.mydomain.toplevel/app/ {R:1}

Everything is working fine, RedirectToAction will redirect to www.mydomain.toplevel.

But when I try to open a controller with the AuthenticationAttribute, the redirect will go to https://myapp.mydomain.toplevel/account/login instead of www.mydomain.toplevel

How can I configure this that my application stays behind the reverse proxy, even when the auth redirect is happening? As a first workaround, I tried to hardcode the LoginPath with the hostname in front, but this will give an error that the path should start with a /.

1 answers

solution1
 2 ACCPTED  2018-06-23 10:00:13

Turns out this is quite easy to fix. I just implemented my own OnApplyRedirect method on the AuthenticationProvider:

var provider = new CookieAuthenticationProvider
{
    // ..
};

provider.OnApplyRedirect = context =>
{
    UrlHelper _url = new UrlHelper(System.Web.HttpContext.Current.Request.RequestContext);
    String actionUri = _url.Action("Login", "Account", new { ReturnUrl = context.Request.Uri.PathAndQuery });
    context.Response.Redirect(actionUri);
};

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Using ASP.NET MVC as reverse proxy Get original HOST address when the ASP.NET server is behind an ISA server as a reverse proxy ASP.NET customErrors behind nginx reverse proxy asp.net mvc get absolute url (behind proxy) IIS reverse proxy with asp.net MVC site How to get a host name behind a load balancer in ASP.NET? Need of ISA Server (Reverse Proxy) for ASP.NET application .Net web application behind a WebSeal reverse proxy A simple reverse proxy using ASP.NET, C# with authentication asp.net mvc3 application host in IIS 7
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM