端点包含授权元数据,但未找到支持授权的中间件
Endpoint contains authorization metadata, but a middleware was not found that supports authorization
我目前正在将本地开发的应用程序迁移到数字海洋中的 Ubuntu 16.04 droplet。我正在使用 .NET Core 3.1 并且已经为它配置好我的服务器。但是,当我导航到我的控制器上使用 [Authorize] 属性的端点时,我只在我的生产服务器(不是本地)上得到以下异常:
An unhandled exception has occurred while executing the request.
System.InvalidOperationException: Endpoint App.Controllers.RsvpController.Index contains authorization metadata, but a middleware was not found that supports authorization.
Configure your application startup by adding app.UseAuthorization() inside the call to Configure(..) in the application startup code. The call to app.UseAuthorization() must appear between app.UseRouting() and app.UseEndpoints(...).
at Microsoft.AspNetCore.Routing.EndpointMiddleware.ThrowMissingAuthMiddlewareException(Endpoint endpoint)
at Microsoft.AspNetCore.Routing.EndpointMiddleware.Invoke(HttpContext httpContext)
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
at Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware.<Invoke>g__Awaited|6_0(ExceptionHandlerMiddleware middleware, HttpContext context, Task task)
fail: Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware[1]
An unhandled exception has occurred while executing the request.
这就是我的 Configure() 方法在 Startup.cs 中的样子:
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Home/Error");
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseStaticFiles();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllerRoute(
name: "default",
pattern: "{controller=Home}/{action=Index}/{id?}");
});
}
我也在 ConfigureServices() 中使用它:
services.AddAuthentication(options =>
{
options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = CookieAuthenticationDefaults.AuthenticationScheme;
}).AddCookie(options =>
{
options.LoginPath = new PathString("/Account/Login/");
options.AccessDeniedPath = new PathString("/Account/Forbidden/");
});
我的控制器在整个控制器周围有 [Authorize] 属性 class:
[Authorize]
public class RsvpController : Controller
{
...
}
我无法弄清楚是什么问题,因为它在本地有效。我已经尝试在本地将 ASPNETCORE_ENVIRONMENT 更改为 "Production" 以查看是否有基于此的标志,但我仍然遇到问题。在此先感谢您的帮助!
在您的 Configure 方法中,尝试这段代码:
...
app.UseAuthentication();
app.UseRouting();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
});
在我的例子中,我使用了这个命令并且它有效
app.UseRouting();
app.UseCors(x => x.AllowAnyOrigin().AllowAnyHeader().AllowAnyMethod());
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
});
我像 app.UseCors(x => x.AllowAnyOrigin().AllowAnyHeader().AllowAnyMethod()); 一样使用 CORS,因为我只是在开发应用程序,您可以在 CORS 配置中使用您想要的内容,但中间件的顺序确实很重要。请参阅 link @Massimo 提供。我用那个 link 来找出解决方案
解决此问题的非常简单的方法是将 app.UseAuthorization() 移动到 app.UseRouting() 和 app.UseEndpoints() 之间的任何位置,如本例所示:
app.UseRouting();
//Enable Authentication
app.UseAuthentication();
app.UseAuthorization(); //<< This needs to be between app.UseRouting(); and app.UseEndpoints();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
});
我目前正在将本地开发的应用程序迁移到数字海洋中的 Ubuntu 16.04 droplet。我正在使用 .NET Core 3.1 并且已经为它配置好我的服务器。但是,当我导航到我的控制器上使用 [Authorize] 属性的端点时,我只在我的生产服务器(不是本地)上得到以下异常:
An unhandled exception has occurred while executing the request.
System.InvalidOperationException: Endpoint App.Controllers.RsvpController.Index contains authorization metadata, but a middleware was not found that supports authorization.
Configure your application startup by adding app.UseAuthorization() inside the call to Configure(..) in the application startup code. The call to app.UseAuthorization() must appear between app.UseRouting() and app.UseEndpoints(...).
at Microsoft.AspNetCore.Routing.EndpointMiddleware.ThrowMissingAuthMiddlewareException(Endpoint endpoint)
at Microsoft.AspNetCore.Routing.EndpointMiddleware.Invoke(HttpContext httpContext)
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
at Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware.<Invoke>g__Awaited|6_0(ExceptionHandlerMiddleware middleware, HttpContext context, Task task)
fail: Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware[1]
An unhandled exception has occurred while executing the request.
这就是我的 Configure() 方法在 Startup.cs 中的样子:
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Home/Error");
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseStaticFiles();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllerRoute(
name: "default",
pattern: "{controller=Home}/{action=Index}/{id?}");
});
}
我也在 ConfigureServices() 中使用它:
services.AddAuthentication(options =>
{
options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = CookieAuthenticationDefaults.AuthenticationScheme;
}).AddCookie(options =>
{
options.LoginPath = new PathString("/Account/Login/");
options.AccessDeniedPath = new PathString("/Account/Forbidden/");
});
我的控制器在整个控制器周围有 [Authorize] 属性 class:
[Authorize]
public class RsvpController : Controller
{
...
}
我无法弄清楚是什么问题,因为它在本地有效。我已经尝试在本地将 ASPNETCORE_ENVIRONMENT 更改为 "Production" 以查看是否有基于此的标志,但我仍然遇到问题。在此先感谢您的帮助!
在您的 Configure 方法中,尝试这段代码:
...
app.UseAuthentication();
app.UseRouting();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
});
在我的例子中,我使用了这个命令并且它有效
app.UseRouting();
app.UseCors(x => x.AllowAnyOrigin().AllowAnyHeader().AllowAnyMethod());
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
});
我像 app.UseCors(x => x.AllowAnyOrigin().AllowAnyHeader().AllowAnyMethod()); 一样使用 CORS,因为我只是在开发应用程序,您可以在 CORS 配置中使用您想要的内容,但中间件的顺序确实很重要。请参阅 link @Massimo 提供。我用那个 link 来找出解决方案
解决此问题的非常简单的方法是将 app.UseAuthorization() 移动到 app.UseRouting() 和 app.UseEndpoints() 之间的任何位置,如本例所示:
app.UseRouting();
//Enable Authentication
app.UseAuthentication();
app.UseAuthorization(); //<< This needs to be between app.UseRouting(); and app.UseEndpoints();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
});