asp.net core 2.0的机器密钥?

本文介绍了asp core 2.0的机器密钥?的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述

我有在两个不同的服务器上运行的相同的asp core 2应用程序，但是使用相同的数据库来存储用户等.

I have the same asp core 2 app running on 2 different servers but using the same database to store users and etc.

问题是，如果我在一台服务器上创建并设置用户密码，则运行同一应用程序的另一台服务器将返回无效密码，反之亦然.

The problem is that if I create and set a user password in one server, the other server running the same app returns invalid password and vice-versa.

几年前，我在使用asp 4应用程序时遇到了这个问题，并通过为两个应用程序设置相同的机器密钥来解决了这个问题.

I had this problem a few years ago with an asp 4 app and I fixed it by setting the same machine key for both apps.

我听说过数据保护API，但是我找不到在哪里告诉它使用相同的加密密钥，而是找到了使我感到困惑的复杂示例，我需要做的就是使两台服务器理解彼此的加密.

I heard about data protection api, but I can't find where to just tell it to use the same encryption key, instead I find complex examples that confuses me and all I need is to make both servers understand each other's encryption.

推荐答案

您可以将一台服务器保留为主服务器，将一台服务器保留为辅助服务器.在辅助服务器中，禁用自动密钥生成

You can keep one server as primary and one as secondary. In the secondary server disable auto key generation

public void ConfigureServices(IServiceCollection services) { services.AddDataProtection().DisableAutomaticKeyGeneration(); }

或者您可以将其保留给Redis

Or you can persist them to Redis

public void ConfigureServices(IServiceCollection services) { // sad but a giant hack :( // github/StackExchange/StackExchange.Redis/issues/410#issuecomment-220829614 var redisHost = Configuration.GetValue<string>("Redis:Host"); var redisPort = Configuration.GetValue<int>("Redis:Port"); var redisIpAddress = Dns.GetHostEntryAsync(redisHost).Result.AddressList.Last(); var redis = ConnectionMultiplexer.Connect($"{redisIpAddress}:{redisPort}"); services.AddDataProtection().PersistKeysToRedis(redis, "DataProtection-Keys"); services.AddOptions(); // ... }

详细的文章可以在同一篇文章中找到

A detailed article is available on the same

www.tugberkugurlu/archive/asp-net-core-authentication-in-a-load-balanced-environment-with-haproxy-and-redis

PS:上面发布的代码来自同一篇文章，因此，如果链接断开，答案仍然是完整的

PS: The code posted above is from the same articles, so that if link goes the down, the answer is still complete