介绍
我们有一个OpenID Provider,我们使用DotNetOpenAuth组件创建.当我们在单个节点上运行提供程序时,一切都运行良好,但当我们将提供程序移动到负载平衡群集,其中多个服务器正在处理每个会话的请求时,我们遇到消息签名问题,因为DotNetOpenAuth组件似乎使用了一些独特的东西从每个群集节点创建签名.
例外
DotNetOpenAuth.Messaging.Bindings.InvalidSignatureException: Message signature was incorrect.
at DotNetOpenAuth.OpenId.ChannelElements.SigningBindingElement.ProcessIncomingMessage(IProtocolMessage message) in c:\BuildAgent\work\7ab20c0d948e028f\src\DotNetOpenAuth\OpenId\ChannelElements\SigningBindingElement.cs:line 139
at DotNetOpenAuth.Messaging.Channel.ProcessIncomingMessage(IProtocolMessage message) in c:\BuildAgent\work\7ab20c0d948e028f\src\DotNetOpenAuth\Messaging\Channel.cs:line 940
at DotNetOpenAuth.OpenId.ChannelElements.OpenIdChannel.ProcessIncomingMessage(IProtocolMessage message) in c:\BuildAgent\work\7ab20c0d948e028f\src\DotNetOpenAuth\OpenId\ChannelElements\OpenIdChannel.cs:line 172
at DotNetOpenAuth.Messaging.Channel.ReadFromRequest(HttpRequestInfo httpRequest) in c:\BuildAgent\work\7ab20c0d948e028f\src\DotNetOpenAuth\Messaging\Channel.cs:line 378
at DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.GetResponse(HttpRequestInfo httpRequestInfo) in c:\BuildAgent\work\7ab20c0d948e028f\src\DotNetOpenAuth\OpenId\RelyingParty\OpenIdRelyingParty.cs:line 493
建立
我们让机器配置设置在所有集群节点上使用相同的机器密钥,并且我们已经设置了与SQL Server的进程外会话.
题
我们如何配置DotNetOpenAuth用于对其消息进行签名的密钥,以便客户端在同一会话期间信任来自群集中所有服务器的响应?