Open UrbimDeveloper opened 6 months ago
Can you say more about what you mean by "the HttpContext is lost"? What exactly happens and where do you observe it? FWIW this doc is worth reviewing: https://learn.microsoft.com/en-us/aspnet/core/fundamentals/http-context?view=aspnetcore-8.0#httpcontext-access-from-a-background-thread
Crucially, HttpContext isn't thread-safe, and you shouldn't pass it around to do background work.
By the way, totally unrelated to the issue, but just curious because of how you described your services-based app, have you explored .NET Aspire?
This is a big clue:
Error unprotecting the session cookie. System.Security.Cryptography.CryptographicException: The key {bc1e3537-e07d-4056-993f-89f14e7315b3} was not found in the key ring.
It appears that session state encryption is enabled, and that the key is changing.
Hello,
For a while now we are experiencing an error with the HttpContext in our platform. To be more exact the HttpContext information is being lost. Our platform uses IIS, Docker Desktop and .Net (5, 6 and 7) on a Windows Server 2022 standard.
We initially had several Docker containers running in Docker Desktop (.Net 7 APIs), but due to several issues with Docker Desktop, we decided to move most of them to IIS, leaving only one Redis container inside Docker (we use Redis to store info about permissions in our platform, but not to persist cookies).
When publishing and deploying the platform to the test server, where there is another environment with all the microservices still inside Docker, we started having problems with the application HttpContext (after some time running, the HttpContext is lost).
We have an Authentication Filter where we check the content of the HttpContext object. If the HttpContext is null we raise an error that makes the IIS AppPool of the main MVC site (where the Filter code is placed) stop.
Looking at the registry errors we just find this (not sure about the relationship with the issue):
16:35:30.284 +02:00 [Warning] [Microsoft.AspNetCore.Session.SessionMiddleware] Error unprotecting the session cookie. System.Security.Cryptography.CryptographicException: The key {bc1e3537-e07d-4056-993f-89f14e7315b3} was not found in the key ring. at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.UnprotectCore(Byte[] protectedData, Boolean allowOperationsOnRevokedKeys, UnprotectStatus& status) at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.DangerousUnprotect(Byte[] protectedData, Boolean ignoreRevocationErrors, Boolean& requiresMigration, Boolean& wasRevoked) at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.Unprotect(Byte[] protectedData) at Microsoft.AspNetCore.Session.CookieProtection.Unprotect(IDataProtector protector, String protectedText, ILogger logger)
We don't have any specific configuration for Microsoft.AspNetCore.DataProtection in our code.
To avoid this we have tried several solutions found on different forums without success. We've even tried deleting the keys from C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys, but this just causes the other environment (the one with the microservices still running inside Docker) to fail.
We can quickly reproduce the error by initializing our platform with the same user in two different browsers.
We just configure session by doing this:
Any idea about what is happening and how to solve it?
Thanks a lot in advance.