locked
ASP.net identitfy framework on Azure - error when doing email based registration RRS feed

  • Question

  • Hi,

    When trying to do email based registration using identity framework on azure, we get an error code. This does not happen locally and does not happen when registration is not based on email. We have tried a workaround, but it does not work still.

    Thanks for your help!

    Details:

    When we are registering on Azure web-app, we receive an error from the code that does not happen when testing locally (deployed on local IIS). Also we don't get the error when registering an account with no email address whether on azure or locally.

    The error we get is System.Security.Cryptography.CryptographicException (I've attached a full stack trace) and it seems that the AspNet.Identity registration, calls for some data to be protected, and it uses a DpapiDataProtector class, that most likely does not work on Azure.

    I've consulted the AspNet.Identity source, and the DpapiDataProtector is the default implementation they use, but it's possible to override it with your own. The design is logical, since DPAPI is a sane local default, but it's explicitly not designed for cloud scenarios.

    I've created a machine-key based data protector to use (basically the concept from stack overflow and registered it using the IAppBuilder.Get/SetDataProtectionProvider methods.

     

    As far as I can check the registration is successfull, and AspNet.Identity should use the MachineKeyProtectionProvider, but instead I still get the error with the attached stack trace - meaning, that a DpapiDataProtector still gets incorrectly initialized.

    Wednesday, September 30, 2015 9:22 AM

All replies

  • Mind repost the exception stack on the forum?

    Suwatch

    Wednesday, September 30, 2015 5:38 PM