Clever Geek Handbook

Identity Server 4 Run behind a load balancer

I have Identity Server 4 installed for my project using Entity Framework. I have already configured the service to use the saved grant store and signed certificate.

services.AddIdentityServer()
        .AddSigningCredential(Config.GetSigningCertificate())
        .AddResourceOwnerValidator<ResourceOwnerPasswordValidator>()
        .AddProfileService<ProfileService>()
        .AddConfigurationStore(builder =>
                    builder.UseSqlServer(connectionString, options =>
                        options.MigrationsAssembly(migrationsAssembly)))
        .AddOperationalStore(builder =>
                    builder.UseSqlServer(connectionString, options =>
                        options.MigrationsAssembly(migrationsAssembly)));

Here is the configuration for the service.

The problem is that I am running my server behind a load balancer, for example for two identical instances handling the whole request, the server where the user is not logged in failed to decode the JWT token resulting in 401 unauthorized errors.

I am guessing that the method of defining tokens or labeling them is the problem, but I cannot find a way to solve this problem.

Here's the rest of my configuration.

Configuration:

app.UseIdentityServerAuthentication(new IdentityServerAuthenticationOptions
{
      Authority = url,
      // Authority = "http://localhost:5000",
      AllowedScopes = { "WebAPI" },
      RequireHttpsMetadata = false,
      AutomaticAuthenticate = true,
      AutomaticChallenge = true,

});

Customer:

new Client
{
     ClientId = "Angular2SPA",
     AllowedGrantTypes = GrantTypes.ResourceOwnerPassword, // Resource Owner Password Credential grant.
     AllowAccessTokensViaBrowser = true,
     RequireClientSecret = false, // This client does not need a secret to request tokens from the token endpoint.
     AccessTokenLifetime = 7200, // Lifetime of access token in seconds.
     AllowedScopes = {
                       IdentityServerConstants.StandardScopes.OpenId, // For UserInfo endpoint.
                       IdentityServerConstants.StandardScopes.Profile,
                       "roles",
                       "WebAPI"
                      },
     AllowOfflineAccess = true, // For refresh token.
     AccessTokenType = AccessTokenType.Jwt

}

I also implemented my own IResourceOwnerPasswordValidator and IProfileService.

Any idea why this is happening?

+3
c # .net asp.net-core asp.net-identity


source to share


No one has answered this question yet

Check out similar questions:

1424
How to fix "The breakpoint will not be removed at this time. No symbols have been loaded for this document." warning?
4
implementation of roles in identity server 4 with id asp.net
3
In Identity Server 4 I have a User ID but 0 claims
2
Identity Server 4 and ASP.NET Basic Identity
1
Net Core 2.0 - JWT media that does not protect routes
1
JWT token validation from Identity 4 server
1
API allowed without authorization headers in request using Identity Server 4 and .net core Identity
0
How to get an authorization code from an identity server without a login form
0
How do I fix the [Authorize (Roles = "Manager")] unapproved usage status always returned?
0
Server 4 authentication without token based authentication in .net core app


More articles:


All Articles
Loading...
X
Show
Funny
Dev
Pics