Error 401 (Unauthorized) IdentityServer 4 and ServiceFabric (5 nodes)

0

I have implemented IdentityServer 4 and Service Fabric, both on 5 nodes, which causes the session to be lost, since the node that created the token is not the same node that validates it.

I tried using only one instance of IdentityServer, which solved part of the problem (see token information), but likewise, when trying to use any Service Fabric driver, I get a 401 in most cases, since unless the node that responds is the same as the one that created the token, a 401 error comes out. Any solution?

Example of the API startup

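    services.AddAuthentication("Bearer")
        .AddIdentityServerAuthentication(options => {
            // Base URL of the IdentityServer4 instance whose tokens this API accepts
            options.Authority = Configuration.GetSection("Data").GetValue<string>("TenantsURL");
            // Allows the discovery document to be fetched over plain HTTP
            options.RequireHttpsMetadata = false;
            // API resource name expected in the token's audience
            options.ApiName = Configuration.GetSection("Data").GetValue<string>("ApiName");
        });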
    
asked by Daniel Henao 25.04.2018 at 17:40

1 answer

0

I have the same configuration as you, except that for now I have Service Fabric on-premises (and in a future version I would have to deploy to Azure).

There are several microservices (mostly .NET Core), one is Auth with IdentityServer4.

We have tests on 1 and 5 nodes.

But always behind a reverse proxy.

Thus the clients only access a single endpoint (the URL of the APIs), and internally the reverse proxy forwards the query to the application within Service Fabric. It is always through a single endpoint, so it does not matter which node responds.

For that reason, we always access with the same host and port to the auth service.

And in the Authority property of AddIdentityServerAuthentication I place the reverse proxy endpoint:

...options.Authority = "[endpoint-reverse-proxy-con-auth]"

As I do not have it in Azure yet, I do not have it configured there, but there you should do the mapping with Azure Load Balancer.

Links that can help you

I hope this helps or guides you.

    
answered by 28.04.2018 at 23:09
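To check whether a rejected token really comes from a different endpoint than the one the API trusts, the following Python triage helper is an added example, not code from the question, the answer or IdentityServer4. It compares the token's `iss` claim with the issuer published at the configured Authority and, going one step beyond the answer, checks that the token's `kid` is among the published signing keys. The hostnames, port, key ids and sample tokens are constructed, and treating these two fields as the cause of the 401 is an assumption.

```python
import base64
import json


def _b64url_json(segment: str) -> dict:
    """Decode one base64url JWT segment (padding restored) into a dict."""
    padded = segment + "=" * (-len(segment) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))


def diagnose_401(token: str, expected_issuer: str, jwks: dict) -> list:
    """List metadata mismatches between a bearer token and what the API's
    Authority publishes (issuer string and JWKS from its discovery document).
    The signature is NOT verified; this only inspects header and claims."""
    header_seg, payload_seg, _sig = token.split(".")
    header, claims = _b64url_json(header_seg), _b64url_json(payload_seg)
    problems = []
    if claims.get("iss") != expected_issuer:
        problems.append(f"issuer mismatch: iss={claims.get('iss')!r}, expected {expected_issuer!r}")
    published = {key.get("kid") for key in jwks.get("keys", [])}
    if header.get("kid") not in published:
        problems.append(f"unknown signing key: kid={header.get('kid')!r} not in JWKS")
    return problems


def _make_token(iss: str, kid: str) -> str:
    """Build an unsigned, constructed sample token for the demo."""
    enc = lambda obj: base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "RS256", "kid": kid}), enc({"iss": iss, "aud": "api1"}), "sig"])


# Constructed sample data: hostnames, port and key ids are hypothetical.
PROXY = "http://proxy.example.internal:19081/auth"
JWKS_VIA_PROXY = {"keys": [{"kid": "shared-key", "kty": "RSA"}]}
TOKEN_VIA_PROXY = _make_token(PROXY, "shared-key")
TOKEN_VIA_NODE3 = _make_token("http://node3.example.internal:8443", "node3-key")

if __name__ == "__main__":
    for name, tok in [("via proxy", TOKEN_VIA_PROXY), ("via node 3", TOKEN_VIA_NODE3)]:
        print(name, diagnose_401(tok, PROXY, JWKS_VIA_PROXY) or "ok")
```

A token that reports either problem was obtained from an endpoint other than the one the API's Authority points at, which is the situation the single reverse proxy endpoint avoids.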