Blazor服务器在IIS重新启动/应用部署时强制用户重新验证。

huangapple go评论72阅读模式
英文:

Blazor Server Forces User to Reauthenticate on IIS Recycle / Application Deploy

问题

我开始了一个Blazor Server项目,使用默认的身份验证(本地帐户,我想)。允许您使用脚手架项目来编辑身份验证页面。

每次我将更新部署到IIS时,我都会注销我的应用程序。我认为我的令牌或Cookie应该仍然有效,并重新建立连接没有问题。

每次部署可能会导致应用程序池重新启动,也许不会,因为我不更新web.config。

无论如何,任何了解如何在Blazor Server部署期间保持令牌/Cookie有效的信息都将不胜感激。我在互联网上找不到太多信息。

搜索答案。尝试查看身份验证代码,看看为什么会出现这种情况。

英文:

I started a blazor server project, with the default identity (local account, I think). Allows you to use scaffolding items to edit the identity pages.

Everytime I deploy out an update to IIS, I'm logged out of my application. I would think my bearer token or cookie would still be valid and reestablish a connection no problem.

Every deploy most likely causes an app pool recycle, maybe not since I don't update the web.config.

Anyways, anyone with information on how to keep the token/cookie alive during blazor server deployments would be greatly appreciated. I wasn't finding much luck on the internet.

Googling for answers. Tried looking at identity code to see why this may be the case.

答案1

得分: 0

这通常是由于忘记为服务器端代码配置秘密存储或密钥保管库所致,以便将私钥和其他加密详细信息持久保存 - 这意味着每次启动时都必须重新生成新的秘密/私钥集,这将使所有先前发布的公钥和签名无效。

我不是Blazor用户,所以不知道Blazor本身是否需要特殊配置,但在ASP.NET Core中,您只需在ConfigureServices期间调用AddDataProtection,然后在返回的IDataProtectionBuilder上调用数据保护实现,例如:

  • PersistKeysToAzureBlobStorage
  • ProtectKeysWithCertificate
  • PersistKeysToFileSystem
英文:

This is usually caused by forgetting to configure a secret-store or key-vault for the server-side code to persist private-keys and other cryptographic details to - which means every time it starts-up it has to re-generate a new set of secrets/private-keys, which invalidate all previously-issued public-keys and signatures.

I'm not a Blazor user so I don't know if Blazor itself requires anything special, but in ASP.NET Core you just need to call AddDataProtection during ConfigureServices and then invoke a data protection implementation on the returned IDataProtectionBuilder, such as:

  • PersistKeysToAzureBlobStorage
  • ProtectKeysWithCertificate
  • PersistKeysToFileSystem

huangapple
  • 本文由 发表于 2023年7月17日 10:06:29
  • 转载请务必保留本文链接:https://go.coder-hub.com/76701127.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定