unauthorized error after deployement #6832

18 Answer(s)

• 

  0

  liangshiwei created one month ago

  Support Team Fullstack Developer

  Hi,

  You can remove the UseIISIntegration

  When hosting in IIS, IIS passes custom headers to the asp.net application which will be missing when hiting the asp.net core process directly. When using IIS to reverse proxy asp.net core, you should only access it via IIS.

  https://learn.microsoft.com/en-us/archive/msdn-technet-forums/c4fda121-5459-4274-81bd-94bfe9379c37

  Save Cancel
• 

  0

  devsumati created one month ago

  Hi,

  You can remove the UseIISIntegration

  When hosting in IIS, IIS passes custom headers to the asp.net application which will be missing when hiting the asp.net core process directly. When using IIS to reverse proxy asp.net core, you should only access it via IIS.

  https://learn.microsoft.com/en-us/archive/msdn-technet-forums/c4fda121-5459-4274-81bd-94bfe9379c37

  Hi liangshiwei, Thanks for the help but I cannot find "UseIISIntegration" anywhere in my code. So is there any other setting which might be causing this issue because i can not perform any action on deployed application. It always says unauthorized. Also for your reference i am deploying it in azure web app dotnet 8 using github actions.

  Save Cancel
• 

  0

  liangshiwei created one month ago

  Support Team Fullstack Developer

  So is there any other setting which might be causing this issue 'MS-ASPNETCORE-TOKEN' does not match the expected pairing token '824e115b-0788-4d57-a6e3-f8eff97b788c', request rejected.

  No other reason, you can see the IIS Middleware source code https://github.com/dotnet/aspnetcore/blob/main/src/Servers/IIS/IISIntegration/src/IISMiddleware.cs#L105

  

  That's why when using IIS to reverse proxy asp.net core, you should only access it via IIS

  Save Cancel
• 

  0

  devsumati created one month ago

  so how can i solve the issue. i can not find "UseIISIntegration" in my code and i am using "inprocess" hosting model in webconfig also i have already tried "OutOfProcess". But the issue is same. whenever i try to open anything it says unauthorized.

  please suggest what should i change and where should i change.

  Thanks

  Save Cancel
• 

  0

  liangshiwei created one month ago

  Support Team Fullstack Developer

  Hi,

  Could you please share the full logs? thanks. my email is shiwei.liang@volosoft.com

  Save Cancel
• 

  0

  maliming created one month ago

  Support Team Fullstack Developer

  hi

  Please confirm the current user has the following permissions:

  Authorization failed. These requirements were not met:
  
  PermissionRequirement: abc.Carts
  PermissionRequirement: abc.Addresses
  

  Please set the loglevel to Debug of all websites and share again. Thanks. liming.ma@volosoft.com

  public class Program
  {
      public async static Task<int> Main(string[] args)
      {
          Log.Logger = new LoggerConfiguration()
              .MinimumLevel.Debug()
              .MinimumLevel.Override("Microsoft.EntityFrameworkCore", LogEventLevel.Warning)
              .Enrich.FromLogContext()
              .WriteTo.Async(c => c.File("Logs/logs.txt"))
              .WriteTo.Async(c => c.Console())
              .CreateLogger();
  

  Save Cancel
• 

  0

  devsumati created one month ago

  Hi maliming, I am using same database and user in local it is working perfectly so i don't think it is related to permission. It is throwing exception only when it is deployed in azure web app. and i think problem is coming due to "MS-ASPNETCORE-TOKEN' does not match the expected pairing token '824e115b-0788-4d57-a6e3-f8eff97b788c', request rejected." and i am not able to find solution for this.

  I will share full log with MinimumLevel.Debug as soon as it is deployed with changes in azure. Thanks

  Save Cancel
• 

  0

  maliming created one month ago

  Support Team Fullstack Developer

  Thanks.

  And make sure your websites are In-process-hosting

  https://learn.microsoft.com/en-us/aspnet/core/host-and-deploy/iis/in-process-hosting?view=aspnetcore-8.0

  Save Cancel
• 

  0

  maliming created 19 days ago

  Support Team Fullstack Developer

  hi devsumati

  Please output the HTTP request info to the logs in your Controllers

  You can inject the ILogger<Controller> and write the headers to logs.

  var headers = HttpContext.Request.Headers
      .Select(header => header.Key + " : " + header.Value)
      .ToList()
  

  abc.Controllers.Carts.CartController.GetListAsync (abc.HttpApi)'
  abc.Controllers.Categories.CategoryController.GetListAsync (abc.HttpApi)'
  abc.Controllers.Addresses.AddressController (abc.HttpApi).
  

  Save Cancel
• 

  0

  devsumati created 19 days ago

  hi devsumati

  Please output the HTTP request info to the logs in your Controllers

  You can inject the ILogger<Controller> and write the headers to logs.

  var headers = HttpContext.Request.Headers 
      .Select(header => header.Key + " : " + header.Value) 
      .ToList() 
  

  abc.Controllers.Carts.CartController.GetListAsync (abc.HttpApi)' 
  abc.Controllers.Categories.CategoryController.GetListAsync (abc.HttpApi)' 
  abc.Controllers.Addresses.AddressController (abc.HttpApi). 
  

  I am unable to understand what you are trying to say. can you please send me detailed info for the same where to write the given code or a sample code with above configuratio.n

  Save Cancel
• 

  0

  maliming created 19 days ago

  Support Team Fullstack Developer

  hi

  Inject the ILogger<Controller> and write the headers to logs in your controller classes.

  eg:

  

  Save Cancel
• 

  0

  maliming created 16 days ago

  Support Team Fullstack Developer

  hi

  It seems there is no authentication header(Bearer)

  We need the Authorization: Bearer <token> header.

  Please check your reverse proxy server.

  GetListAsync(xxxx.Categories.GetCategoriesInput) on controller xxxx.Controllers.Categories.CategoryController (xxxx.HttpApi).
  [13:13:42 ERR] headers:Accept : text/plain; v=1.0, application/json; v=1.0
  Connection : keep-alive
  Host : xxxxmen.com
  Accept-Language : en
  Max-Forwards : 10
  traceparent : 00-08f8ff08b07e038ae06e36b6ed180164-4d3c133f9f1b20b0-00
  api-version : 1.0
  X-Correlation-Id : 
  X-Requested-With : XMLHttpRequest
  X-ARR-LOG-ID : 3585d96e-1155-4e77-bcbd-a4ee87692cd6
  CLIENT-IP : 20.204.219.217:10054
  DISGUISED-HOST : xxxxmen.com
  X-SITE-DEPLOYMENT-ID : xxxxmen
  WAS-DEFAULT-HOSTNAME : xxxxmen.azurewebsites.net
  X-Forwarded-Proto : https
  X-AppService-Proto : https
  X-ARR-SSL : 2048|256|CN=GeoTrust Global TLS RSA4096 SHA256 2022 CA1, O="DigiCert, Inc.", C=US|CN=xxxxmen.com
  X-Forwarded-TlsVersion : 1.3
  X-Forwarded-For : 20.204.219.217:10054
  X-Original-URL : /host/api/app/categories?SkipCount=0&MaxResultCount=10&api-version=1.0
  X-WAWS-Unencoded-URL : /host/api/app/categories?SkipCount=0&MaxResultCount=10&api-version=1.0
  MS-ASPNETCORE-TOKEN : 1759c992-0ed8-4e8a-ace9-af4463fbc8b1
  X-Original-For : 127.0.0.1:50915
  X-Original-Proto : http
  ``
  

  Save Cancel
• 

  0

  devsumati created 16 days ago

  Hi I am running it in local in release mode and it carries all the headers.

  Save Cancel
• 

  0

  maliming created 15 days ago

  Support Team Fullstack Developer

  But after the deployment, It doesn't have the Authorization: Bearer <token> header.

  Save Cancel
• 

  0

  devsumati created 15 days ago

  Yes that's the problem I am trying to solve

  Save Cancel
• 

  0

  maliming created 15 days ago

  Support Team Fullstack Developer

  hi

  This is an environment/deployment problem, I have no experience.

  Save Cancel
• 

  0

  devsumati created 15 days ago

  hi

  This is an environment/deployment problem, I have no experience.

  Hi maliming, Could you please assign this ticket to the team who has experience related to this.

  Save Cancel
• 

  0

  maliming created 15 days ago

  Support Team Fullstack Developer

  hi.

  I have asked. You should check your reverse proxy configuration.

  Save Cancel