Last post Feb 19, 2018 01:34 PM by Edward Z
Feb 14, 2018 08:57 PM|ganeshmuthuvelu|LINK
In my asp .net core (1.1), I have implemented bearer token authentication and authorization as explained in this article:
1) The asp .net core service is hosted in IIS.
2) The token is set to expire after one day
3) When the user logs in, the token is generated, all the "Authorize" methods work well using the token.
4) However, if the user is idle for sometime and then performs a call to the service, the service returns 401 error and I see the following information in the response headers
WWW-Authenticate: Bearer error="invalid_token", error_description="The signature is invalid"
What's the cause of this error? Is the token expired (but I set it to expire after 1 day)
Can someone help what's causing the issue? Is it the IIS doing something?
Feb 15, 2018 07:25 AM|Edward Z|LINK
Per to this error message, I suggest you check whether solution below works for you.
#Jwt Authorization .NET Core 2.0 always return Unauthorized (HTTP 401) #2193
It would be helpful if you could share us your project and detail steps to reproduce your issue.
Feb 15, 2018 09:13 PM|ganeshmuthuvelu|LINK
Thanks, but I like I said earlier it does work for at least 20-30 minutes, I would say.
The link that you referred is for a scenario where it always returns 401 error.
Just curious, is it possible that the IIS terminates the ASP .NET Core process executable after some time of inactivity (idling)?
Feb 19, 2018 01:34 PM|Edward Z|LINK
Did you change anything from the project of the provided link?
If you download the project, and host it in IIS, will this issue happen again?