stackoom
  简体   繁体   中英

Using an in-memory repository. Keys will not be persisted to storage After published to IIS

 原文  2020-10-20 09:32:02       c#/ asp.net

Question

When I run my asp.net 3.1 app on my VS 2019, it is working fine and no problem. After I published to my local IIS , I got this problems ( Using an in-memory repository. Keys will not be persisted to storage. Neither user profile nor HKLM registry available. Using an ephemeral key repository. Protected data will be unavailable when application exits.). I tried to to set Load User Proifle on IIS advanced setting also. I tried this article Neither user profile nor HKLM registry available. Using an ephemeral key repository. Protected data will be unavailable when application exits . But my problems is not solved. Any advice or guidance would be greatly appreciated.

Thanks amy

1 answers

solution1
 0  2021-09-02 07:04:28

I ran into these error messages in our logs as well, but in our case that's because we're running ASP.NET Core on Linux, and there's neither IIS nor a HKLM registry on Linux.

The main symptom is that users would get authentication errors when we deployed a new version of the server. That's because the keys were stored in memory as the error message says, and when redeploying the application, the keys would be lost, and new ones get re-generated upon launching the new version of the application.

The solution was to just persist the keys to local storage. In your startup.cs file, try adding these lines:

using Microsoft.AspNetCore.DataProtection;

public void ConfigureServices(IServiceCollection services) {
    // other config code

    services.AddDataProtection()
        .PersistKeysToFileSystem(new DirectoryInfo(@"C:\someFolder\"));
    // config code for authentication
    // other config code
}

Since I'm testing locally on a windows machine, "someFolder" is actually a configured value read from appsettings.json and appsettings.Development.json. The path on Linux is different, and the processes that runs the .NET application will need to own and have read and write permissions for the process (www-data on ubuntu with nginx)

Be aware that persisting the keys to the file system automatically removes the encryption, but encryption can be added back.

For the MS documentation on these:
https://docs.microsoft.com/en-us/aspnet/core/security/data-protection/implementation/key-storage-providers?view=aspnetcore-5.0&tabs=visual-studio

https://docs.microsoft.com/en-us/aspnet/core/security/data-protection/implementation/key-encryption-at-rest?view=aspnetcore-5.0

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Using in-memory database How to set up an in-memory repository How to implement Save in an in-memory repository Identity Server still including in-memory keys in discovery doc after providing custom implementation of ISigningCredentialStore Generic Repository. FindByID Unit testing the repository. NHibernate Exposing transactions on Repository. NHibernate TFS WebHook fails after Webapi is published to IIS Mocking a LinqToSql repository in-memory for use in unit tests Repository pattern - how to combine database & in-memory entities?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM