WebApi2 - 没有 OWIN 身份验证管理器与请求关联
WebApi2 - No OWIN authentication manager is associated with the request
我正在使用 Bearer Token Authentication 构建一个 Web API 2 项目。
access_token 的请求有效,但我的其他方法无效。
API 返回以下内容:
No OWIN authentication manager is associated with the request
完整回复消息
{
"Message":"An error has occurred.",
"ExceptionMessage":"No OWIN authentication manager is associated with the request.",
"ExceptionType":"System.InvalidOperationException",
"StackTrace":" at System.Web.Http.Owin.PassiveAuthenticationMessageHandler.SuppressDefaultAuthenticationChallenges(HttpRequestMessage request)\r\n at System.Web.Http.Owin.PassiveAuthenticationMessageHandler.<SendAsync>d__0.MoveNext()\r\n--- End of stack trace from previous location where exception was thrown ---\r\n at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)\r\n at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)\r\n at System.Web.Http.HttpServer.<SendAsync>d__0.MoveNext()"
}
Startup.cs
public partial class Startup
{
public static OAuthAuthorizationServerOptions OAuthOptions { get; private set; }
static string PublicClientKey = "XXX";
public void ConfigureAuth(IAppBuilder app)
{
app.UseCors(CorsOptions.AllowAll);
app.UseCookieAuthentication(new CookieAuthenticationOptions());
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
OAuthOptions = new OAuthAuthorizationServerOptions
{
TokenEndpointPath = new PathString("/Token"),
Provider = new ApplicationOAuthProvider(PublicClientKey),
AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
AllowInsecureHttp = true
};
app.UseOAuthBearerTokens(OAuthOptions);
}
}
WebApiConfig.cs
public static void Register(HttpConfiguration config)
{
config.SuppressDefaultHostAuthentication();
config.Filters.Add(new HostAuthenticationFilter(OAuthDefaults.AuthenticationType));
// Web API routes
config.MapHttpAttributeRoutes();
config.Routes.MapHttpRoute(
name: "ControllerAndAction",
routeTemplate: "api/{controller}/{action}/{id}",
defaults: new { id = RouteParameter.Optional }
);
}
Global.asax
public class WebApiApplication : System.Web.HttpApplication
{
protected void Application_Start()
{
AreaRegistration.RegisterAllAreas();
GlobalConfiguration.Configure(WebApiConfig.Register);
}
}
我搜索了这个错误,发现一些人说它已通过以下方式解决:
- 网络配置:设置
<modules runAllManagedModulesForAllRequests="true">
- 正在安装Microsoft.Owin.Host.SystemWeb
- 检查我是否使用
Context.GetOwinContext() 而不是 Request.GetOwinContext()
Webconfig 选项无效。
我有 Host.SystemWeb 包裹。
而且我没有在任何地方调用 GetOwinContext。
有什么想法吗?
谢谢。
如异常所示,缺少身份验证管理器。
要解决此问题,我会尝试在 Startup.cs class.
中重新配置不记名令牌配置
这样试试
public void ConfigureAuth(IAppBuilder app)
{
app.UseCors(CorsOptions.AllowAll);
//You don't need these lines if you are using bearer token as the token is
//passed in the request header and not in the cookie
//app.UseCookieAuthentication(new CookieAuthenticationOptions());
//app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
OAuthOptions = new OAuthAuthorizationServerOptions
{
TokenEndpointPath = new PathString("/Token"),
Provider = new ApplicationOAuthProvider(PublicClientKey),
AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
AllowInsecureHttp = true
};
//Remove this part
//app.UseOAuthBearerTokens(OAuthOptions);
//And try to manually define the authorization server
//and the middleware to handle the tokens
app.UseOAuthAuthorizationServer(OAuthOptions);
app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
}
更新
所以问题似乎出在 SupressDefaultHostAuthentication 上。
如果您的主机中没有 运行,则无需添加 SupressDefaultHostAuthentication,因此请在 WebApiConfig 中将其删除(有关更多信息,请参阅对此答案的评论)。 Here's 一个关于主题的好博客 post,它提供了更好的 class。
我在发布一个使用 MVC 5 的 web API 2 模板构建的网站时遇到了这个问题,该模板对实时 IIS 服务器进行了个人用户身份验证。它在 Visual Studio 的 IIS Express 上本地运行良好,但在完整的 IIS 服务器上给了我 No OWIN authentication manager is associated with the request 错误。
我的解决方案是在 web.config 中进行这些更改:
添加这个密钥(我从 this answer 学到的):
<appSettings>
<add key="owin:AppStartup" value="[MyStartUpAssemblyNamespace].Startup, [MyAssemblyName]" />
...
</appSettings>
并将 <modules> 更改为 <modules runAllManagedModulesForAllRequests="true">,这是我从 this answer 中学到的。
在脚手架 WebApiConfig.cs 文件中,位于 App_Start 文件夹中,您需要删除或注释掉以下行:
//config.SuppressDefaultHostAuthentication();
//config.Filters.Add(new HostAuthenticationFilter(OAuthDefaults.AuthenticationType));
我正在使用 Bearer Token Authentication 构建一个 Web API 2 项目。
access_token 的请求有效,但我的其他方法无效。 API 返回以下内容:
No OWIN authentication manager is associated with the request
完整回复消息
{
"Message":"An error has occurred.",
"ExceptionMessage":"No OWIN authentication manager is associated with the request.",
"ExceptionType":"System.InvalidOperationException",
"StackTrace":" at System.Web.Http.Owin.PassiveAuthenticationMessageHandler.SuppressDefaultAuthenticationChallenges(HttpRequestMessage request)\r\n at System.Web.Http.Owin.PassiveAuthenticationMessageHandler.<SendAsync>d__0.MoveNext()\r\n--- End of stack trace from previous location where exception was thrown ---\r\n at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)\r\n at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)\r\n at System.Web.Http.HttpServer.<SendAsync>d__0.MoveNext()"
}
Startup.cs
public partial class Startup
{
public static OAuthAuthorizationServerOptions OAuthOptions { get; private set; }
static string PublicClientKey = "XXX";
public void ConfigureAuth(IAppBuilder app)
{
app.UseCors(CorsOptions.AllowAll);
app.UseCookieAuthentication(new CookieAuthenticationOptions());
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
OAuthOptions = new OAuthAuthorizationServerOptions
{
TokenEndpointPath = new PathString("/Token"),
Provider = new ApplicationOAuthProvider(PublicClientKey),
AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
AllowInsecureHttp = true
};
app.UseOAuthBearerTokens(OAuthOptions);
}
}
WebApiConfig.cs
public static void Register(HttpConfiguration config)
{
config.SuppressDefaultHostAuthentication();
config.Filters.Add(new HostAuthenticationFilter(OAuthDefaults.AuthenticationType));
// Web API routes
config.MapHttpAttributeRoutes();
config.Routes.MapHttpRoute(
name: "ControllerAndAction",
routeTemplate: "api/{controller}/{action}/{id}",
defaults: new { id = RouteParameter.Optional }
);
}
Global.asax
public class WebApiApplication : System.Web.HttpApplication
{
protected void Application_Start()
{
AreaRegistration.RegisterAllAreas();
GlobalConfiguration.Configure(WebApiConfig.Register);
}
}
我搜索了这个错误,发现一些人说它已通过以下方式解决:
- 网络配置:设置
<modules runAllManagedModulesForAllRequests="true"> - 正在安装Microsoft.Owin.Host.SystemWeb
- 检查我是否使用
Context.GetOwinContext()而不是Request.GetOwinContext()
Webconfig 选项无效。
我有 Host.SystemWeb 包裹。
而且我没有在任何地方调用 GetOwinContext。
有什么想法吗?
谢谢。
如异常所示,缺少身份验证管理器。 要解决此问题,我会尝试在 Startup.cs class.
中重新配置不记名令牌配置这样试试
public void ConfigureAuth(IAppBuilder app)
{
app.UseCors(CorsOptions.AllowAll);
//You don't need these lines if you are using bearer token as the token is
//passed in the request header and not in the cookie
//app.UseCookieAuthentication(new CookieAuthenticationOptions());
//app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
OAuthOptions = new OAuthAuthorizationServerOptions
{
TokenEndpointPath = new PathString("/Token"),
Provider = new ApplicationOAuthProvider(PublicClientKey),
AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
AllowInsecureHttp = true
};
//Remove this part
//app.UseOAuthBearerTokens(OAuthOptions);
//And try to manually define the authorization server
//and the middleware to handle the tokens
app.UseOAuthAuthorizationServer(OAuthOptions);
app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
}
更新
所以问题似乎出在 SupressDefaultHostAuthentication 上。 如果您的主机中没有 运行,则无需添加 SupressDefaultHostAuthentication,因此请在 WebApiConfig 中将其删除(有关更多信息,请参阅对此答案的评论)。 Here's 一个关于主题的好博客 post,它提供了更好的 class。
我在发布一个使用 MVC 5 的 web API 2 模板构建的网站时遇到了这个问题,该模板对实时 IIS 服务器进行了个人用户身份验证。它在 Visual Studio 的 IIS Express 上本地运行良好,但在完整的 IIS 服务器上给了我 No OWIN authentication manager is associated with the request 错误。
我的解决方案是在 web.config 中进行这些更改:
添加这个密钥(我从 this answer 学到的):
<appSettings>
<add key="owin:AppStartup" value="[MyStartUpAssemblyNamespace].Startup, [MyAssemblyName]" />
...
</appSettings>
并将 <modules> 更改为 <modules runAllManagedModulesForAllRequests="true">,这是我从 this answer 中学到的。
在脚手架 WebApiConfig.cs 文件中,位于 App_Start 文件夹中,您需要删除或注释掉以下行:
//config.SuppressDefaultHostAuthentication();
//config.Filters.Add(new HostAuthenticationFilter(OAuthDefaults.AuthenticationType));