Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

IdentityServer.Admin AuthenticationFailureException: Correlation failed (Only in the new version) #204

Open
mtlive opened this issue Mar 13, 2024 · 3 comments
Open

IdentityServer.Admin AuthenticationFailureException: Correlation failed (Only in the new version) #204

mtlive opened this issue Mar 13, 2024 · 3 comments
Assignees
@skoruba

Comments

@mtlive
Copy link

mtlive commented Mar 13, 2024
edited
Loading

Describe the bug

Can not login to IdentityServer.Admin service.

To Reproduce

Use http for all services.
.NET SDK 8.0.101
It doesn't happen if you use localhost instead of IP.
This problem only happens in version 2.

Relevant parts of the log file

[12:52:19 ERR] An unhandled exception has occurred while executing the request.
Microsoft.AspNetCore.Authentication.AuthenticationFailureException: An error was encountered while handling the remote login.
---> Microsoft.AspNetCore.Authentication.AuthenticationFailureException: Correlation failed.
--- End of inner exception stack trace ---
at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler`1.HandleRequestAsync()
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
at Microsoft.AspNetCore.Localization.RequestLocalizationMiddleware.Invoke(HttpContext context)
at NWebsec.AspNetCore.Middleware.Middleware.CspMiddleware.Invoke(HttpContext context)
at NWebsec.AspNetCore.Middleware.Middleware.MiddlewareBase.Invoke(HttpContext context)
at NWebsec.AspNetCore.Middleware.Middleware.MiddlewareBase.Invoke(HttpContext context)
at NWebsec.AspNetCore.Middleware.Middleware.MiddlewareBase.Invoke(HttpContext context)
at NWebsec.AspNetCore.Middleware.Middleware.MiddlewareBase.Invoke(HttpContext context)
at Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddlewareImpl.g__Awaited|10_0(ExceptionHandlerMiddlewareImpl middleware, HttpContext context, Task task)

What I've Tried Already

In Admin.UI\Helpers\StartupHelpers.cs :
SameSiteMode.Lax for CookiePolicyOptions
and all options for CookieSecurePolicy
@mtlive mtlive changed the title IdentityServer.Admin AuthenticationFailureException: Correlation failed IdentityServer.Admin AuthenticationFailureException: Correlation failed (Only in the new version) Apr 9, 2024
@mtlive
Copy link
Author

mtlive commented Apr 9, 2024
edited
Loading

@skoruba May you take a look at this?
Thank you

@907080752
Copy link

me too

when i use ip ,that will exception correlation failed

@hello-ldf
Copy link

hello-ldf commented Oct 29, 2024
edited
Loading

我碰到类似情况,并通过以下方式解决了。

首先,我的情况是 跳转到 IdentityServer.Admin 项目 /signin-oidc 的时候,报错了,日志如下。
image

其中,最关键的信息是
[16:34:19 WRN] '.AspNetCore.Correlation.Iq5tWpFpTUnvPy-gv_DB71Q7TjVCq0mszhBeM7JMGFM' cookie not found.

这个 cookie 找不到,然而,我断点时发现,这个 cookie 是存在的,只是被打上了 Secure=true,所以无法跨域修改。

于是,我大胆的在 IdentityServer.Admin 的 Startup::ConfigureService 底部加入了

services.Configure(options =>
{
options.MinimumSameSitePolicy = SameSiteMode.Unspecified;
options.Secure = CookieSecurePolicy.SameAsRequest;
options.OnAppendCookie = cookieContext =>
{
AuthenticationHelpers.CheckSameSite(cookieContext.Context, cookieContext.CookieOptions);
cookieContext.CookieOptions.Secure = false;
};
options.OnDeleteCookie = cookieContext =>
{
AuthenticationHelpers.CheckSameSite(cookieContext.Context, cookieContext.CookieOptions);
cookieContext.CookieOptions.Secure = false;
};
});

关键在于把 Secure 设置为 false,这样,我发现该问题解决了。

可能第一次跳转会有问题,刷新页面多试几次就能进去了。

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@skoruba skoruba

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@mtlive @hello-ldf @907080752 @skoruba