Login page redirects to login page again

ghazisarhan · June 16, 2023, 8:31pm

Greetings,
Please bear with me as this is my first post and I'm new to Blazor and Radzen.
I have a Blazor Server project in a Docker container which is behind Apache2 reverse proxy, Apache has a self signed certificate as the website is accessible within local network only, the connection between Apache and the Blazor container is HTTP.
During development I accessed the website using HTTP and it was working fine, but now if I try to login I get redirected to the login page again without an error, I checked the troubleshooting steps in the ASP.NET Core Identity page and it says that the issue is related to the SSL certificate.
I'm wondering if I'm having this issue because I use a self signed certificate? and if this issue is related to Blazor in general or Radzen only, and if this is done intentionally for security reasons or if it a limitation, and if there is a way to overcome this issue with self signed certificate.

Thanks in advance
Ghazi

korchev · June 19, 2023, 5:53am

Hi @ghazisarhan,

You can check this thread: Problems with blazor server behind nginx - #2 by korchev

Try applying those changes in your app and test again.

ghazisarhan · June 19, 2023, 8:31am

Hi korchev,
Thank you for your input, I tried it and it didn't work.

korchev · June 19, 2023, 8:34am

Unfortunately I am out of ideas. It is probably related to certificates and HTTPS. Make sure your server is setup to redirect all HTTP requests to HTTPS. ASP.NET Core Identity uses HTTPS only cookies hence it won't work over plain HTTP.

ghazisarhan · June 19, 2023, 9:03pm

Thank you korchev for the effort, I'll post an update if I came up with a solution.

ghazisarhan · June 23, 2023, 9:47pm

Update to whom might have the same issue, in addition to korchev answer, I had to replace the below in Program.cs:

builder.Services.AddHttpClient("AppName").AddHeaderPropagation(o => o.Headers.Add("Cookie"));

With this:

builder.Services.AddHttpClient("AppName")
    .ConfigurePrimaryHttpMessageHandler(() => new
        HttpClientHandler()
        {
            ClientCertificateOptions = ClientCertificateOption.Manual,
            ServerCertificateCustomValidationCallback = (httpRequestMessage, cert, cetChain, policyErrors) =>
            {
                return true;
            }
        }).AddHeaderPropagation(o => o.Headers.Add("Cookie"));

This is not secured if your website is public on the internet, but if you have an internal site with self signed certificate and you have problem with the login page, then try this.

andsj073 · November 2, 2023, 1:51pm

had the same issue on local dev env, this resolved it

alhaali · November 30, 2023, 8:48am

In my case, I was having issue after publishing to IIS with self-signed SSL. However, it was resolved after assigning a registered SSL certificate.