- ABP Framework version: v3.0.5
- UI type:MVC
- Tiered (MVC) or Identity Server Seperated (Angular): no
- Exception message and stack trace:
- Steps to reproduce the issue:
If I run it with https, I can login, but when I run it with http, I cannot login. If I use http in appsettings and iis settings, I cannot login. I wonder what I need to do to run it with http://localhost:XXXX.
Thanks.
5 Answer(s)
-
0
Hi,
Please see https://docs.microsoft.com/en-gb/dotnet/core/compatibility/3.0-3.1#http-browser-samesite-changes-impact-authentication and discuss aspnetcore : https://github.com/dotnet/aspnetcore/issues/14996. This is the default behavior of chrome.
Update the
ConfigureAuthenticationmethod of the**YourProjectName**WebModuleclass. like:context.Services.AddAuthentication() .AddIdentityServerAuthentication(options => { options.Authority = configuration["AuthServer:Authority"]; options.RequireHttpsMetadata = false; options.ApiName = "qa"; }) // add this .Services.ConfigureApplicationCookie(options => { options.Cookie.SameSite = SameSiteMode.Unspecified; });However, recommend you to use
https. -
0
Hi @liangshiwei thanks your answer
-
0
I had this problem today--affected both HTTP and HTTPS in absolute latest version of Chrome
Firefox was OK but still complained in console warnings about SameSite cookies
I implemented the above code change as recommended by liangshiwei and it seems to have corrected the problem
Is the recommended code change a permanent solution or only a temporary workaround?
-
0
Hi @robb@designitcorp.ca, You should use
httpsas the solution, If you really want to use http, you need to check the browser and set thesamesite, See https://github.com/IdentityServer/IdentityServer4/issues/4165 -
0
I am using HTTPS
I still had to make the above code change to get it to work
