Open Closed

Abp Error from RemoteAuthentication: Correlation failed.. #8771

User avatar
0
heshengli created
  • ABP Framework version: v8.3.4
  • UI Type: Blazor WASM
  • Database System: EF Core ( PostgreSQL.)
  • Tiered (for MVC) or Auth Server Separated (for Angular): yes
  • Exception message and full stack trace:
  • Steps to reproduce the issue: Auth http://172.16.10.230:44322/ WebApp http://172.16.10.230:44309/

2025-02-10 02:23:13.876 +00:00 [WRN] '.AspNetCore.Correlation.46sDUt15fafe3sWxhr8wSAhTMBdMwKFTXQdLeMMPR6k' cookie not found. 2025-02-10 02:23:13.877 +00:00 [INF] Error from RemoteAuthentication: Correlation failed.. 2025-02-10 02:23:13.879 +00:00 [ERR] An unhandled exception has occurred while executing the request. Microsoft.AspNetCore.Authentication.AuthenticationFailureException: An error was encountered while handling the remote login. ---> Microsoft.AspNetCore.Authentication.AuthenticationFailureException: Correlation failed. --- End of inner exception stack trace --- at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler`1.HandleRequestAsync() at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context) at Prometheus.HttpMetrics.HttpRequestDurationMiddleware.Invoke(HttpContext context) at Prometheus.HttpMetrics.HttpRequestCountMiddleware.Invoke(HttpContext context) at Prometheus.HttpMetrics.HttpInProgressMiddleware.Invoke(HttpContext context) at Volo.Abp.AspNetCore.Security.AbpSecurityHeadersMiddleware.InvokeAsync(HttpContext context, RequestDelegate next) at Microsoft.AspNetCore.Builder.UseMiddlewareExtensions.InterfaceMiddlewareBinder.<>c__DisplayClass2_0.<

在http下,有办法解决么

Go to accepted answer
2 Answer(s)
  • User Avatar
    0
    heshengli created

    Correlation ID Not Included in Request Headers in ABP Blazor Project #21419 https://github.com/abpframework/abp/issues/21419 没有合并到8.3.* 分支么

  • User Avatar
    0
    berkansasmaz created
    Support Team .NET Developer

    Hello,

    The issue occurs because the authentication process relies on cookies, and browsers enforce stricter rules for cross-origin cookies, especially when using HTTP.

    To resolve this issue, you have two options:

    1-) Use HTTPS (Recommended)

    This is the best and most secure solution. Switching your application to HTTPS will ensure that authentication cookies are properly sent between your authentication server and WebAssembly client.

    2-) Modify Cookie Settings (Less Secure Alternative)

    If you must use HTTP, you need to adjust the cookie settings to allow cross-origin authentication. You can find detailed guidance here: https://learn.microsoft.com/en-us/aspnet/core/security/samesite?view=aspnetcore-9.0

Assignee
User avatar berkansasmaz
Labels
None yet
Boost Your Development
ABP Live Training
Packages
See Trainings
Mastering ABP Framework Book
Do you need assistance from an ABP expert?
Schedule a Meeting
Mastering ABP Framework Book
The Official Guide
Mastering
ABP Framework
Learn More
Mastering ABP Framework Book
Made with ❤️ on ABP v9.2.0-preview. Updated on March 20, 2025, 18:00