我只是按照以下說明here。帶有HTTPS和多個實例的Azure ACS錯誤
但我仍然在我的ASP.NET MVC3應用程序運行在Azure上的HTTPS端點上出現奇怪的問題。我已加載HTTPS證書,並且在一段時間內在單個角色實例上始終如一地部署,而且沒有任何問題。但是,最近我開始部署多個實例,並遇到'密鑰無法在指定狀態下使用'並且'值不能爲空。參數名稱:證書的錯誤。
但是我現在一個新問題:「無法讀取超出流的末尾」
看起來很香草。在查看堆棧跟蹤之前,從DPAPI轉換到RSA cookie轉換的問題並不明顯。
[EndOfStreamException:無法讀取超出流的末尾] System.IO.MemoryStream.InternalReadInt32()12750266 Microsoft.IdentityModel.Web.RsaEncryptionCookieTransform.Decode(字節[]編碼)369 Microsoft.IdentityModel.Tokens.SessionSecurityTokenHandler.ApplyTransforms(字節[]餅乾,布爾出站)189 Microsoft.IdentityModel.Tokens.SessionSecurityTokenHandler.ReadToken(的XmlReader讀取器,SecurityTokenResolver tokenResolver)862 Microsoft.IdentityModel.Tokens.SessionSecurityTokenHandler.ReadToken (Byte []令牌,SecurityTokenResolver tokenResolver)+109 Microsoft.IdentityModel.Web.SessionAuthentication Module.ReadSessionTokenFromCookie(字節[] sessionCookie)356 Microsoft.IdentityModel.Web.SessionAuthenticationModule.TryReadSessionTokenFromCookie(SessionSecurityToken & sessionToken)123 Microsoft.IdentityModel.Web.SessionAuthenticationModule.OnAuthenticateRequest(對象發件人,EventArgs EventArgs的)61 系統。 Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()+ 80 System.Web.HttpApplication.ExecuteStep(IExecutionStep一步,布爾& completedSynchronously)+270
我加入以下代碼爲全局。 asax:
void OnServiceConfigurationCreated(object sender, ServiceConfigurationCreatedEventArgs e)
{
//
// Use the <serviceCertificate> to protect the cookies that are sent to the client.
//
List<CookieTransform> sessionTransforms = new List<CookieTransform>(
new CookieTransform[] {
new DeflateCookieTransform(),
new RsaEncryptionCookieTransform(e.ServiceConfiguration.ServiceCertificate) });
SessionSecurityTokenHandler sessionHandler = new SessionSecurityTokenHandler(sessionTransforms.AsReadOnly());
e.ServiceConfiguration.SecurityTokenHandlers.AddOrReplace(sessionHandler);
}
除了這個代碼:
void WSFederationAuthenticationModule_RedirectingToIdentityProvider(object sender, RedirectingToIdentityProviderEventArgs e)
{
// In the Windows Azure environment, build a wreply parameter for the SignIn request
// that reflects the real address of the application.
HttpRequest request = HttpContext.Current.Request;
Uri requestUrl = request.Url;
StringBuilder wreply = new StringBuilder();
wreply.Append(requestUrl.Scheme); // e.g. "http" or "https"
wreply.Append("://");
wreply.Append(request.Headers["Host"] ?? requestUrl.Authority);
wreply.Append(request.ApplicationPath);
if (!request.ApplicationPath.EndsWith("/")) wreply.Append("/"); e.SignInRequestMessage.Reply = wreply.ToString();
}
我也有這個問題。這非常令人沮喪 - 如果你找到了解決方案,請讓我知道! – 2012-06-03 19:15:40