相关疑难解决方法(0)

我无法在SSL设备后面运行DNOA RP(终止客户端HTTPS连接并将HTTP反向代理到其后面的Web服务器).

问题是,RP是错误从传入请求猜测收件人端点(因为它是不是 HTTPS被它击中了网络服务器的时间)和终点与方案上的return_to URL对比(这是 HTTPS) -它失败的堆栈跟踪下面.我已经在代码中花了一些时间,如果没有自定义构建或非平凡的子类,我没有看到改变这种行为的方法.我已经将Realm和ReturnToUrl的HTTPS版本传递给OpenIdRelyingParty.CreateRequests() - 该部分工作正常.

是否有可能将检测到的收件人方案捏造为HTTPS或跳过股票DNOA版本的方案比较,或者我明天修补自定义构建？

堆栈跟踪:

ERROR DotNetOpenAuth.Messaging - 09 Jul 2010 00:11:39,450 - Protocol error: The openid.return_to parameter (https://XXX/Login.aspx?openid=XXX&dnoa.userSuppliedIdentifier=XXX) does not match the actual URL (http://XXX/Login.aspx?openid=XXX&dnoa.userSuppliedIdentifier=XXX&openid.ns=http://specs.openid.net/auth/2.0&openid.mode=id_res&openid.op_endpoint=XXX&openid.response_nonce=XXX&openid.return_to=https://XXX/Login.aspx?openid=XXX&dnoa.userSuppliedIdentifier=XXX&openid.assoc_handle=XXX&openid.signed=op_endpoint,claimed_id,identity,return_to,response_nonce,assoc_handle&openid.sig=XXX&openid.identity=XXX&openid.claimed_id=XXX) the request was made with.
 at DotNetOpenAuth.Messaging.ErrorUtilities.VerifyProtocol(Boolean condition, String message, Object[] args)
 at DotNetOpenAuth.OpenId.Messages.IndirectSignedResponse.VerifyReturnToMatchesRecipient()
 at DotNetOpenAuth.OpenId.Messages.IndirectSignedResponse.EnsureValidMessage()
 at DotNetOpenAuth.Messaging.MessageSerializer.Deserialize(IDictionary`2 fields, MessageDictionary messageDictionary)
 at DotNetOpenAuth.Messaging.Reflection.MessageDictionary.Deserialize(IDictionary`2 fields)
 at DotNetOpenAuth.Messaging.Channel.Receive(Dictionary`2 fields, MessageReceivingEndpoint recipient)
 at DotNetOpenAuth.Messaging.Channel.ReadFromRequestCore(HttpRequestInfo request)
 at DotNetOpenAuth.Messaging.Channel.ReadFromRequest(HttpRequestInfo httpRequest)
 at DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.GetResponse(HttpRequestInfo httpRequestInfo)
 at DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.GetResponse()