今天在部署.Net 5开发的应用时,遇到了以下的错误。
ERROR 2021-02-25 20:39:28,460 [16 ] spNetCore.Antiforgery.DefaultAntiforgery - An exception was thrown while deserializing the token. Microsoft.AspNetCore.Antiforgery.AntiforgeryValidationException: The antiforgery token could not be decrypted. ---> System.Security.Cryptography.CryptographicException: The key {238a0f63-439d-4e88-883b-002c09902988} was not found in the key ring. at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.UnprotectCore(Byte[] protectedData, Boolean allowOperationsOnRevokedKeys, UnprotectStatus& status) at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.DangerousUnprotect(Byte[] protectedData, Boolean ignoreRevocationErrors, Boolean& requiresMigration, Boolean& wasRevoked) at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.Unprotect(Byte[] protectedData) at Microsoft.AspNetCore.Antiforgery.DefaultAntiforgeryTokenSerializer.Deserialize(String serializedToken) --- End of inner exception stack trace --- at Microsoft.AspNetCore.Antiforgery.DefaultAntiforgeryTokenSerializer.Deserialize(String serializedToken) at Microsoft.AspNetCore.Antiforgery.DefaultAntiforgery.GetCookieTokenDoesNotThrow(HttpContext httpContext)
跑到Google上查了一下,说是ASP.net Core防止跨站请求伪造攻击机制的原因,排查了程序应该不是程序的问题,后来在一篇国外的帖子上看到说,需要定义Machine Key,在IIS7.5以下或是想给某个应用专用的话,需要在Web.Config中定义。否则直接在IIS服务器层极定义即可。
点击进去后,如果应用全服务器的话,需要选中“Automatically generate at runtime” & "Automatically generate at runtime"两个复选框。
同时,还需要将应用程序的"Load User Profile“属于设置为”True“。
这样就基本解决了我遇到的问题,记录一下,以备查。