我正在努力让我的.net核心1.1应用程序在负载均衡器后面工作并强制执行https.我的Startup.cs中有以下设置
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory, IServiceProvider serviceProvider, IOptions<Auth0Settings> auth0Settings)
{
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();
var startupLogger = loggerFactory.CreateLogger<Startup>();
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseDatabaseErrorPage();
app.UseBrowserLink();
startupLogger.LogInformation("In Development");
}
else
{
startupLogger.LogInformation("NOT in development");
app.UseExceptionHandler("/Home/Error");
}
app.UseMiddleware<HttpsRedirectMiddleware>();
app.UseForwardedHeaders(new ForwardedHeadersOptions
{
ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto
});`
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationScheme= CookieAuthenticationDefaults.AuthenticationScheme,
AutomaticAuthenticate = true,
AutomaticChallenge = true,
CookieHttpOnly = true,
SlidingExpiration = true
});
Run Code Online (Sandbox Code Playgroud)
HttpsRedirectMiddleware用于验证LB具有X-Forwarded-Proto集合,它确实存在,并以https作为唯一值返回.当我访问该网站(https://myapp.somedomain.net)时,它知道我未经过身份验证并将我重定向到(http://myapp.somedomain.net/Account/Logon?ReturnUrl=%2f).它失去了SSL连接并切换回我的端口80..net核心文档说使用如下所示的"UseForwardedHeaders",这在我的情况下不起作用.当此切换发生时,控制台记录器没有来自中间件的任何错误或警告.
对于短期修复,我把它放在"UseForwardedHeaders"下面
app.Use(async (context, next) =>
{
var xproto = context.Request.Headers["X-Forwarded-Proto"].ToString();
if …Run Code Online (Sandbox Code Playgroud)