Base solution for your next web application
Starts in:
01 DAYS
01 HRS
01 MIN
01 SEC
Open Closed

Cryptographic Exception for SignalR in Azure #3783


User avatar
0
ervingayle created

I am running Aspnetzero 4.3 .net core jquery. I am getting the following error when I publish to azure. Since I am new to the .net core build I do not have any historical information. I have aspnetzero .net jquery also running on azure without any problems along with aspnetboilerplate - all on azure with no errors for SignalR.

My target framework is 4.6.1 (full framework) with my .net core 4.3 jquery install.

An unhandled exception occurred while processing the request.

CryptographicException: The data protection operation was unsuccessful. This may have been caused by not having the user profile loaded for the current thread's user context, which may be the case when the thread is impersonating.

System.Security.Cryptography.ProtectedData.Protect(Byte[] userData, Byte[] optionalEntropy, DataProtectionScope scope)

Searching in Google shows other users in Azure who has the same error: <a class="postlink" href="http://tech.trailmax.info/2014/06/asp-net-identity-and-cryptographicexception-when-running-your-site-on-microsoft-azure-web-sites/">http://tech.trailmax.info/2014/06/asp-n ... web-sites/</a>


6 Answer(s)
  • User Avatar
    0
    ismcagdas created
    Support Team

    Hi @ervingayle,

    Can you compare your Host project's ConfigureOwinServices method in Startup.cs with this one <a class="postlink" href="https://github.com/aspnetzero/aspnet-zero-core/blob/dev/aspnet-core/src/MyCompanyName.AbpZeroTemplate.Web.Host/Startup/Startup.cs#L162">https://github.com/aspnetzero/aspnet-ze ... up.cs#L162</a>.

    If you have a VM on azure, you can also try to set LoadUserProfile to true on IIS configuration.

    Thanks.

  • User Avatar
    0
    ervingayle created

    I am going to review now. One thing though, I made the hangfire uncomment changes to Web.Core and Web.Mvc as per the instructions not to the Host project.

    On Azure, I am using Azure App Services not the traditional self managed VM. I did find this on LoadUserProfile and Azure App Services.

  • User Avatar
    0
    ervingayle created

    The only difference between my Web.Mvc project and the Source on Github or my master branch is the uncommented lines for hangfire. I would like add that I looked at my original aspnetboilerplate install which is on Azure App Services and see that we used and I tried uncommenting the authorization line but that gives me a generic access denied page. //ENABLE TO USE HANGFIRE dashboard (Requires enabling Hangfire in EnotchWebModule) app.UseHangfireDashboard("/hangfire", new DashboardOptions { Authorization = new[] { new AbpHangfireAuthorizationFilter() } //You can remove this line to disable authorization });

    In addition, I noticed that with my environment variable for the project set to "Development", that the DeveloperExceptionPage does not work. I ended up modifying the else branch as follows else { app.UseDeveloperExceptionPage(); //Commented error pages //app.UseStatusCodePagesWithRedirects("~/Error?statusCode={0}"); //app.UseExceptionHandler("/Error"); }

    So I don't know if there is some issue with the settings that are being made with Startup.cs. What else can I provide?

  • User Avatar
    0
    alper created
    Support Team

    hi

    You can find "Load user profile" setting in IIS as i show you in the screenshot. It's discussed there, maybe works for you: <a class="postlink" href="http://www.kradle.ru/2016/11/default">http://www.kradle.ru/2016/11/default</a>

  • User Avatar
    0
    ervingayle created

    Thanks for the reply.

    My only issue here is that as I mentioned I am running Azure websites. Azure App Services does not provide access to IIS because you are on a shared multi-tenant environment as you know. Looking online, I found other examples saying to modify the web.config, etc and I came across this one: <a class="postlink" href="https://github.com/KentorIT/authservices/issues/427">https://github.com/KentorIT/authservices/issues/427</a>

    It asks to add WEBSITE_LOAD_USER_PROFILE = 1 to the App Service, App Settings in the Azure Web Portal.

    Now everything works. This should probably be added to the aspnetzero documentation for anyone else leveraging the platform if you are going to list support for it.

  • User Avatar
    0
    ismcagdas created
    Support Team

    Thanks @ervingayle, I didn't know about this setting on azure, it is very helpful.