StoneAgeTechnologies
StatusCode cannot be set because the response has already started.
I'm using 1.1.0 of this filter because we're still on .NET Core 3.1.
When I navigate to the Hangfire Dashboard, the username and password dialog box pops up. Before I enter any credentials, I see an InvalidOperationException in the Kestrel console.
I also see the same thing in my application logs when this is deployed to Azure:
Category: Microsoft.AspNetCore.Server.IIS.Core.IISHttpServer
EventId: 2
RequestId: 8000021b-0000-e300-b63f-84710c7967bb
RequestPath: /
SpanId: |ed35527c-4ab87a93a78c9666.
TraceId: ed35527c-4ab87a93a78c9666
ParentId:
Connection ID "16357073848220254742", Request ID "8000021b-0000-e300-b63f-84710c7967bb": An unhandled exception was thrown by the application.
Exception:
System.InvalidOperationException: StatusCode cannot be set because the response has already started.
at Microsoft.AspNetCore.Server.IIS.Core.IISHttpContext.ThrowResponseAlreadyStartedException(String name)
at Microsoft.AspNetCore.Server.IIS.Core.IISHttpContext.set_StatusCode(Int32 value)
at Hangfire.Dashboard.AspNetCoreDashboardMiddleware.Invoke(HttpContext httpContext)
at Microsoft.AspNetCore.Builder.Extensions.MapMiddleware.Invoke(HttpContext context)
at Swashbuckle.AspNetCore.SwaggerUI.SwaggerUIMiddleware.Invoke(HttpContext httpContext)
at Swashbuckle.AspNetCore.Swagger.SwaggerMiddleware.Invoke(HttpContext httpContext, ISwaggerProvider swaggerProvider)
at Hellang.Middleware.ProblemDetails.ProblemDetailsMiddleware.Invoke(HttpContext context)
at Hellang.Middleware.ProblemDetails.ProblemDetailsMiddleware.HandleException(HttpContext context, ExceptionDispatchInfo edi)
at Hellang.Middleware.ProblemDetails.ProblemDetailsMiddleware.Invoke(HttpContext context)
at Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(HttpContext context)
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
at CorrelationId.CorrelationIdMiddleware.Invoke(HttpContext context, ICorrelationContextFactory correlationContextFactory)
at NewRelic.Providers.Wrapper.AspNetCore.WrapPipelineMiddleware.Invoke(HttpContext context)
at Microsoft.AspNetCore.Server.IIS.Core.IISHttpContextOfT`1.ProcessRequestAsync()
I had the same issue on .NET Core 6.
Fixed it by removing line https://github.com/StoneAgeTechnologies/HangfireBasicAuthenticationFilter/blob/master/source/HangfireBasicAuthenticationFilter/HangfireCustomBasicAuthenticationFilter.cs#L93
httpContext.Response.WriteAsync("Authentication is required.");
I had the same issue on .NET Core 6.
Fixed it by removing line https://github.com/StoneAgeTechnologies/HangfireBasicAuthenticationFilter/blob/master/source/HangfireBasicAuthenticationFilter/HangfireCustomBasicAuthenticationFilter.cs#L93
httpContext.Response.WriteAsync("Authentication is required.");
I had the same issue with .NET Core 6
I fixed the issue by removing AsyncAuthorization = null from my Program.cs file
app.UseHangfireDashboard(
pathMatch: "/hangfire",
options: new DashboardOptions
{
DashboardTitle = "My Hangfire Dashboard",
DisplayNameFunc = null,
IgnoreAntiforgeryToken = false,
TimeZoneResolver = null,
AppPath = "https://localhost:7219/swagger",
// AsyncAuthorization = null,
Authorization = new[]
{
new HangfireCustomBasicAuthenticationFilter
{
// read Hangfire username and password from appsettings.json
User = app.Configuration["HangfireSettings:Username"],
Pass = app.Configuration["HangfireSettings:Password"]
}
},
IsReadOnlyFunc = null,
StatsPollingInterval = 0
});
The line you mentioned doesn't seem to have an effect.
I tried and it works with our without it, as long as AsyncAuthorization = null is not present.
You can use httpContext.Response.OnStarting, for example:
private static bool Challenge(HttpContext httpContext)
{
httpContext.Response.OnStarting(async () =>
{
httpContext.Response.StatusCode = 401;
httpContext.Response.Headers
.Append("WWW-Authenticate", "Basic realm=\"Hangfire Dashboard\"");
await httpContext.Response.WriteAsync("Authentication is required.");
});
return false;
}
