问题描述
我的日志中出现错误.我一整天的时间都在寻找解决方案,但找不到符合我要求的解决方案.
I am getting the error in my log. I spent most of my day finding the solution but could not find the one which meets my requirement.
这是日志错误
"Certificates": {
"StoreName": "My",
"StoreLocation": "LocalMachine"
"SerialNumber": "xxxxxxxxxxxx"
},
private X509Certificate2 LCertificate()
{
var storeName = Configuration["Certificates:StoreName"];
var storeLocation = Configuration["Certificates:StoreLocation"];
string serialNumber = Configuration["Certificates: SerialNumber"];
using(X509Store store = new X509Store(storeName,storeLocation))
{
var certificates = store.Certificates
.Find(X509FindType.FindBySerialNumber,
serialNumber,
acceptValidCertOnly);
return certificates[0];
}
}
public void ConfigureServices(IServiceCollection services)
{
services.AddIdentityServer
.AddSigningCredential(new X509Certificate2(LCertificate()))
}
[HttpPost]
[ValidateAntiForgeryToken]
public async Task<IActionResult> Login(LoginModel model)
{
推荐答案
如果
- 您的应用托管在多台服务器上
- 尚未配置共享数据保护
- 您没有使用粘性会话
当用户从服务器A请求带有表单的页面,然后将表单提交给服务器B时,就会发生这种情况.
this will happen when user requests a page with a form from server A, and later submits the form to server B.
如果也可能在单个IIS服务器上发生
It may also happen on a single IIS server if
- 用户请求带有表单的页面
- 您重新启动服务器
- 用户提交表单
这样做的原因是重新启动会导致将新的密钥环加载到内存中,并且表单内的防伪密钥不再生效.
Reason for this is that a restart causes a new keyring to load into memory, and the antiforgery key inside the form no longer validate.
后一种情况可以在IIS中通过选中加载用户配置文件"来解决.在应用程序池中.
The latter case can be fixed in IIS by checking "load user profile" in app pool.
这篇关于反序列化令牌时引发异常..NetCore 2.2应用程序中无法解密防伪令牌的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!