Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Unclear how to catch "System.Exception: Correlation failed." and prevent HTTP 500
See original GitHub issueIs there an existing issue for this?
- I have searched the existing issues
Describe the bug
This appears to be an issue with ASP.NET RemoteAuthenticationHandler. When this exception is thrown due to this line in the OpenIdConnectHandler (“Correlation failed.”), we end up returning an HTTP 500 error because that exception is not caught. It’s not obvious how it can be caught.
Expected Behavior
We expect there to be some way to catch that exception so we can redirect to an error page rather than returning an HTTP 500. We’re interested in what the recommended ASP.NET approach is to catching and handling this particular exception.
Steps To Reproduce
Unclear, we suspect our users are hitting the back/forward button on our login page or otherwise allowing the cookie to time out, then trying to log in which causes the “Correlation failed.” exception.
Exceptions (if any)
System.Exception: An error was encountered while handling the remote login.
---> System.Exception: Correlation failed.
--- End of inner exception stack trace ---
at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler`1.HandleRequestAsync()
at Duende.IdentityServer.Hosting.FederatedSignOut.AuthenticationRequestHandlerWrapper.HandleRequestAsync() in /_/src/IdentityServer/Hosting/FederatedSignOut/AuthenticationRequestHandlerWrapper.cs:line 52
at Duende.IdentityServer.Hosting.DynamicProviders.DynamicSchemeAuthenticationMiddleware.Invoke(HttpContext context) in /_/src/IdentityServer/Hosting/DynamicProviders/DynamicSchemes/DynamicSchemeAuthenticationMiddleware.cs:line 48
at Duende.IdentityServer.Hosting.BaseUrlMiddleware.Invoke(HttpContext context) in /_/src/IdentityServer/Hosting/BaseUrlMiddleware.cs:line 28
at <... our code from here on>
.NET Version
6.0.403
Anything else?
- Package versions:
- Microsoft.AspNetCore.Authentication.OpenIdConnect version 6.0.8
- Possibly relevant discussions that other people have had around the same issue circa 2018 with workarounds
Issue Analytics
- State:
- Created 9 months ago
- Reactions:6
- Comments:7 (2 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
It’s an annoying exception that we don’t have a good way to catch it in our middleware. Many thanks to those who are working on it.
Thanks for contacting us.
We’re moving this issue to the
.NET 8 Planningmilestone for future evaluation / consideration. We would like to keep this around to collect more feedback, which can help us with prioritizing this work. We will re-evaluate this issue, during our next planning meeting(s). If we later determine, that the issue has no community involvement, or it’s very rare and low-impact issue, we will close it - so that the team can focus on more important and high impact issues. To learn more about what to expect next and how this issue will be handled you can read more about our triage process here.