stackoom
  简体   繁体   中英

what is this ASP.NET Core log message: Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyManager

 原文  2018-09-20 11:54:30       c#/ asp.net-core

Question

I have this at every app start.

Does anyone know where this comes from?

info: Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyManager[0] User profile is available. Using '/Users/thomas/.aspnet/DataProtection-Keys' as key repository; keys will not be encrypted at rest.

// run the web host
var PathToContentRoot = Directory.GetCurrentDirectory();
var Host = WebHost.CreateDefaultBuilder()
    .UseKestrel()
    .UseContentRoot(PathToContentRoot)
    .UseStartup<WebStartup>()
    .UseNLog()
    .Build();

I don't have anything about 'dataprotection', 'keys', etc nor do I want any form of security features.

The code in the ConfigureServices part is: 

        // find all controllers
        var Controllers =
            from a in AppDomain.CurrentDomain.GetAssemblies().AsParallel()
            from t in a.GetTypes()
            let attributes = t.GetCustomAttributes(typeof(ControllerAttribute), true)
            where attributes?.Length > 0
            select new { Type = t };

        var ControllersList = Controllers.ToList();
        Logging.Info($"Found {ControllersList.Count} controllers");

        // register them
        foreach (var Controller in ControllersList)
        {
            Logging.Info($"[Controller] Registering {Controller.Type.Name}");
            Services
                .AddMvc()
                .AddJsonOptions(Options => Options.SerializerSettings.ContractResolver = new DefaultContractResolver())
                .AddApplicationPart(Controller.Type.Assembly);
        }

        // add signalR
        Services.AddSignalR();

It is done to allow controllers from external assemblies to be used.

1 answers

solution1
 1 ACCPTED  2021-02-12 04:41:42

Depending on what ASP.NET features you are using, the Core Data Protection middleware may be setup and added into the dependency injection container.

This provides a mechanism for storing sensitive data. Depending on what environment you are running in this sensitive data will be stored in different locations. In your case you are getting the message that it is being stored in the user profile (a folder on the system) and in plain text (I'm assuming because you are running on Linux as they would by default get encrypted on Windows). This article has a nice description of the default location for storing the sensitive data.

In your case I suspect it is the use of SignalR that is causing the Core Data Protection middle ware to be added. Another common cause for it being added is calling

IServiceCollection.AddAuthentication

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingProvider[48] An error occurred while reading the key ring C# Asp.Net Core Use Redis for IDistributedMemoryCache and DataProtection What does the [] mean in the Microsoft.AspNetCore.Hosting.Internal.WebHost[1] asp.net trace message and how to find the corresponding code location? Asp.Net Core DataProtection between Web Apps not working on Azure ASP.NET Core startup message log Reproduce the decryption of Microsoft.AspNetCore.DataProtection with the framework.net 4.8 VS 2017 ASP.NET Core Test Project - Microsoft.AspNetCore.Identity missing Can an ASP.NET Core 2.0 project be created without a Microsoft.AspNetCore.All package? How to configure and use Microsoft.AspNetCore.JsonPatch in ASP.NET Core 2.0 Web API ASP.NET Core 6 "Cannot implicitly convert type 'Rotativa.ViewAsPdf' to 'Microsoft.AspNetCore.Mvc.ActionResult'"
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM