Reputation: 146
Microsoft.AspNetCore.Antiforgery.DefaultAntiforgery Error in IIS
I have the following problem. ASP website that is using and web api hosted on the windows server 2012. The site is working true VS but when i deploy it to production i got the following error:
20-04-24 08:55:56.365 +03:00 [Error] [Microsoft.AspNetCore.Antiforgery.DefaultAntiforgery] [{ Id: 7, Name: "TokenDeserializeException" }] An exception was thrown while deserializing the token.
Microsoft.AspNetCore.Antiforgery.AntiforgeryValidationException: The antiforgery token could not be decrypted.
---> System.Security.Cryptography.CryptographicException: The key {e790d979-a748-4094-8c5e-d3496ca4f915} was not found in the key ring.
at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.UnprotectCore(Byte[] protectedData, Boolean allowOperationsOnRevokedKeys, UnprotectStatus& status)
at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.DangerousUnprotect(Byte[] protectedData, Boolean ignoreRevocationErrors, Boolean& requiresMigration, Boolean& wasRevoked)
at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.Unprotect(Byte[] protectedData)
at Microsoft.AspNetCore.Antiforgery.DefaultAntiforgeryTokenSerializer.Deserialize(String serializedToken)
--- End of inner exception stack trace ---
at Microsoft.AspNetCore.Antiforgery.DefaultAntiforgeryTokenSerializer.Deserialize(String serializedToken)
at Microsoft.AspNetCore.Antiforgery.DefaultAntiforgery.GetCookieTokenDoesNotThrow(HttpContext httpContext)
I am using the same database and connection string same endpoint
Upvotes: 0
Views: 3989
Answers (2)
Reputation: 1607
Since the OP didn't provide enough details, I want to provide a solution that worked for me. In my case, I have an ASP.NET Core MVC view that posts to a controller action. Adding the asp-antiforgery attribute fixed the issue for me.
<form asp-controller="Home" asp-action="Index" method="post" asp-antiforgery="false">
...
</form>
Per verbatim from this link:
- In ASP.NET Core 2.0 or later, the FormTagHelper injects antiforgery tokens into HTML form elements.
- Similarly, IHtmlHelper.BeginForm generates antiforgery tokens by default if the form's method isn't GET.
Upvotes: -1
Reputation: 41
Had OP mentioned error message combined with these:
System.Security.Cryptography.CryptographicException: The key {327bb8b3-8add-4eb2-9bc9-edf358f19a3a} was not found in the key ring.
ApplicationUserAccessor _context.HttpContext null.
warn: Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyManager[59]
warn: Microsoft.AspNetCore.DataProtection.Repositories.EphemeralXmlRepository[50]
Defining AddDataProtection to UNC folder as per docs here solved all these messages.
Here's sample of my code:
var pgrmData = Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData);
Directory.CreateDirectory($"{pgrmData}\\myaspnetwebapp\\keys");
services.AddDataProtection()
.PersistKeysToFileSystem(new DirectoryInfo($"{pgrmData}\\myaspnetwebapp\\keys"));
Upvotes: 1
Related Questions
- Microsoft.AspNetCore.Antiforgery was not found
- CS1617: Invalid option ‘6’ for /langversion; must be ISO-1, ISO-2, 3, 4, 5 or Default
- .NET Core app unable to start in IIS due to ErrorCode = '0x80004005 : 80008083
- How to solve this issue whlie run .net core web application
- The Application is configured to use IIS (Visual Studio 2017/2019)
- ASP.NET Core ErrorCode = '0x80004005' : 80008082
- ASP.NET Core Web - The required antiforgery cookie ".AspNetCore.Antiforgery.wRFSYju6cwY" is not present
- ASP.NET core running in IIS startup error logging
- ASP.NET core fails on with
- Startup.cs error (ASP.Net Core configuration)