1金币
问题
我们服务器不允许使用80端口,所以监听了81端口
现在重定向到鉴权页面(connect/authorize)时,会报错然后跳转到错误页面(home/error),同时端口变为80,而不是81
目前怀疑是访问 http://bi.tsjyy.cn/signin-oidc 时没有指定为81端口,导致鉴权失败
版本: grapecitycn/wyn-enterprise:3.0.04172.0
部署环境: linux + docker:20.10.6
跳转截图
第一次跳转
第二次跳转
错误日志
- 27-May-2021 10:12:57.091 +00:00 [INF] Invoking IdentityServer endpoint: IdentityServer4.Endpoints.AuthorizeEndpoint for /connect/authorize
- 27-May-2021 10:12:57.092 +00:00 [ERR] Invalid redirect_uri: http://bi.tsjyy.cn/signin-oidc
- {"ClientId":"http-portal","ClientName":"Portal","RedirectUri":null,"AllowedRedirectUris":["http://bi.tsjyy.cn:81/signin-oidc"],"SubjectId":"anonymous","ResponseType":null,"ResponseMode":null,"GrantType":null,"RequestedScopes":"","State":null,"UiLocales":null,"Nonce":null,"AuthenticationContextReferenceClasses":null,"DisplayMode":null,"PromptMode":null,"MaxAge":null,"LoginHint":null,"SessionId":null,"Raw":{"client_id":"http-portal","redirect_uri":"http://bi.tsjyy.cn/signin-oidc","response_type":"code id_token","scope":"offline_access server_portal storage scheduler cache openid profile email","response_mode":"form_post","nonce":"ZjUyZWZjMGEtZTk1ZC00NzA1LWE2ZTgtNjlhMzVkZjIyZjg3YTc5MjI2OWItYmZkYS00Mzg4LWI1NzgtMWFmYzE0ZWQ1OGMz","state":"CfDJ8OBFSG7UBTpHnHg3aCC615iducqo0xy-oMy8n2AYHLbB-AZ2N7RSM_P1zGyVvbRGxbj_ybsmScNlB4Uaoi35yRyZd_nYt_eNg67SW-O0Ctakm63Ilw7DFfM8BJbv_BnXPLe26gfylUwM0-uZ-hNOy_T7KcxtAPqcaBpkTknEzAez","x-client-SKU":"ID_NETSTANDARD2_0","x-client-ver":"5.3.0.0"},"$type":"AuthorizeRequestValidationLog"}
- 27-May-2021 10:12:57.092 +00:00 [ERR] Request validation failed
- 27-May-2021 10:12:57.092 +00:00 [INF] {"ClientId":"http-portal","ClientName":"Portal","RedirectUri":null,"AllowedRedirectUris":["http://bi.tsjyy.cn:81/signin-oidc"],"SubjectId":"anonymous","ResponseType":null,"ResponseMode":null,"GrantType":null,"RequestedScopes":"","State":null,"UiLocales":null,"Nonce":null,"AuthenticationContextReferenceClasses":null,"DisplayMode":null,"PromptMode":null,"MaxAge":null,"LoginHint":null,"SessionId":null,"Raw":{"client_id":"http-portal","redirect_uri":"http://bi.tsjyy.cn/signin-oidc","response_type":"code id_token","scope":"offline_access server_portal storage scheduler cache openid profile email","response_mode":"form_post","nonce":"ZjUyZWZjMGEtZTk1ZC00NzA1LWE2ZTgtNjlhMzVkZjIyZjg3YTc5MjI2OWItYmZkYS00Mzg4LWI1NzgtMWFmYzE0ZWQ1OGMz","state":"CfDJ8OBFSG7UBTpHnHg3aCC615iducqo0xy-oMy8n2AYHLbB-AZ2N7RSM_P1zGyVvbRGxbj_ybsmScNlB4Uaoi35yRyZd_nYt_eNg67SW-O0Ctakm63Ilw7DFfM8BJbv_BnXPLe26gfylUwM0-uZ-hNOy_T7KcxtAPqcaBpkTknEzAez","x-client-SKU":"ID_NETSTANDARD2_0","x-client-ver":"5.3.0.0"},"$type":"AuthorizeRequestValidationLog"}
复制代码
环境变量
- PORTAL_URI="bi.tsjyy.cn:81"
- WYN_PORTAL_PORT=81
- WYN_SERVER_PORT=51981
- WYN_REPORTING_WORKER_PORT=51982
- WYN_COT_WORKER_PORT=51983
- WYN_HOST_NAME="bi.tsjyy.cn"
复制代码
启动配置
- <?xml version="1.0" encoding="utf-8"?>
- <SystemConfig xmlns:sys="https://extendedxmlserializer.github.io/system" xmlns="clr-namespace:ConfigMigration.Configuration.V32;assembly=ConfigMigration">
- <Version>3.2</Version>
- <GlobalSettings>
- <IdentityServerUrl>http://$PORTAL_URI</IdentityServerUrl>
- </GlobalSettings>
- <Services>
- <Server>
- <Urls>http://*:$WYN_SERVER_PORT</Urls>
- <Storage>
- <Engine>$DB_PROVIDER</Engine>
- <ConnectionString>$DATABASE_CONNECTIONSTRING_SERVER</ConnectionString>
- </Storage>
- <DataExtraction>
- <StorageType>$DB_PROVIDER</StorageType>
- <ConnectionString>$DATABASE_CONNECTIONSTRING_DATACACHE</ConnectionString>
- </DataExtraction>
- </Server>
- <Portal>
- <Urls>http://*:$WYN_PORTAL_PORT</Urls>
- <AuthorizedWebApplicationUrls>
- <sys:string>http://$PORTAL_URI</sys:string>
- </AuthorizedWebApplicationUrls>
- <StorageProvider>$DB_PROVIDER</StorageProvider>
- <ConnectionString>$DATABASE_CONNECTIONSTRING_IS</ConnectionString>
- </Portal>
- <Worker>
- <Urls>http://$WYN_HOST_NAME:$WYN_REPORTING_WORKER_PORT</Urls>
- </Worker>
- <CotWorker>
- <Urls>http://$WYN_HOST_NAME:$WYN_COT_WORKER_PORT</Urls>
- </CotWorker>
- </Services>
- </SystemConfig>
复制代码
|
|