*Aspnet Core MVC
*Last Version
*Azure App Service
Hi,
After changing slots (staging -> Production), users logged into Production are disconnected and the logs show the error below:
spNetCore.Antiforgery.DefaultAntiforgery - An exception was thrown while deserializing the token.
Microsoft.AspNetCore.Antiforgery.AntiforgeryValidationException: The antiforgery token could not be decrypted.
---> System.Security.Cryptography.CryptographicException: The key {965441a2-128b-4680-922e-aa50c6196f7a} was not found in the key ring. For more information go to https://aka.ms/aspnet/dataprotectionwarning
at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.UnprotectCore(Byte[] protectedData, Boolean allowOperationsOnRevokedKeys, UnprotectStatus& status)
at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.Unprotect(Byte[] protectedData)
at Microsoft.AspNetCore.Antiforgery.DefaultAntiforgeryTokenSerializer.Deserialize(String serializedToken)
--- End of inner exception stack trace ---
at Microsoft.AspNetCore.Antiforgery.DefaultAntiforgeryTokenSerializer.Deserialize(String serializedToken)
at Microsoft.AspNetCore.Antiforgery.DefaultAntiforgery.GetCookieTokenDoesNotThrow(HttpContext httpContext)
*we are publishing in a windows environment on azure with 3 allocated instances, Cache Redis, signalr backplane and Hangfire.
I came across this article: https://aspnetzero.com/blog/persist-data-protection-keys-to-database
Is this type of implementation still necessary or is it standard from Zero?
tanks.
5 Answer(s)
-
0
Hi @ricardo
Sorry for our late reply. Does this happen when you browse the website in incognito mode ?
If you are running the app with multiple instances, please read https://docs.aspnetzero.com/aspnet-core-mvc/latest/Clustered-Environment -
0
Hi @ismcagdas,
it also occurs in anonymous mode.
We followed all the recommendations in https://docs.aspnetzero.com/aspnet-core-mvc/latest/Clustered-Environment
We have implemented Azure Redis Cache, we are using Hangfire and we have also implemented Azure SignalR.
but the documentation does not inform if I should implement what is informed in this article https://aspnetzero.com/blog/persist-data-protection-keys-to-database
or if this is already handled in some way by zero.
Redis Config:
SignalR Config:
-
0
Hi,
I managed to solve the problem by following this documentation:
https://aspnetboilerplate.com/Pages/Documents/XSRF-CSRF-Protection
https://github.com/aspnetzero/aspnet-zero-core/issues/4121
It would be interesting if this section of the documentation was included in the documentation that deals with clustered environments.:
https://docs.aspnetzero.com/aspnet-core-mvc/latest/Clustered-Environment
tanks
Ricardo -
0
Hi @ricardo
Thank you for your feedback and suggestion We are glad you solved the problem. It might be useful to add this documentation to the section on clustered environments
-
0
Hi @oguzhanagir,
thank you very much.
