
Critical problem - All users appear to be logged in as the same user and tenant #3218


ademaygun created
  • ABP Framework version: v4.4.4
  • UI type: Angular
  • DB provider: EF Core
  • Tiered (MVC) or Identity Server Separated (Angular): no
  • Exception message and stack trace:
  • Steps to reproduce the issue:

Today we faced a really critical problem: all logged-in users in the system (belonging to different tenants) started to behave as if they were logged in to the system via the same tenant and user, like XTenant\XUser. The Angular side was showing this same tenant and user in the top right (profile) area. In this situation we opened Linked Accounts and the screen was like below. The problem was solved after restarting the service (app). This problem has now occurred a second time. Because users belonging to different tenants see unrelated (unauthorized) data, this problem is really critical for us. We need urgent support for this.

We are not sure if it is related to the problem, but we want to share it as extra information: we noticed the error below in the logs at approximately the same time:

Invalid extension grant{"error":"TheTargetUserIsNotLinkedToYou"}, details: {"ClientId":"MyApp_App","ClientName":"MyApp_App","GrantType":"LinkLogin","Scopes":"XProject offline_access","AuthorizationCode":"********","RefreshToken":"********","UserName":null,"AuthenticationContextReferenceClasses":null,"Tenant":null,"IdP":null,"Raw":{"grant_type":"LinkLogin","LinkUserId":"39fb9b1b-1ccc-51d0-f52a-964600e6ed13","access_token":"**","client_id":"MyApp_App","client_secret":"***REDACTED***","scope":"offline_access XProject","LinkTenantId":"3a031155-0c87-72e8-5057-48a94e23fce3"},"$type":"TokenRequestValidationLog"}

Note: There are 162 rows in the AbpLinkUsers table.
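
A triage sketch for the log line quoted above, added here as an example and not part of the original thread or of ABP: it extracts the error and the LinkUserId/LinkTenantId from each "Invalid extension grant" line and counts failed LinkLogin grants per target, so they can be lined up against the incident window. The timestamp prefix, the `[ERR]` level and the sample lines are constructed assumptions.

```python
import json
import re
from collections import Counter

MARKER = "Invalid extension grant"
# Assumption: lines start with "YYYY-MM-DD HH:MM:SS" (the quoted excerpt has no prefix).
TS = re.compile(r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})")
DECODER = json.JSONDecoder()

def parse_grant_failure(line):
    """Return the fields of one 'Invalid extension grant' line, or None."""
    pos = line.find(MARKER)
    if pos < 0:
        return None
    try:
        # The message carries two JSON objects: the error, then the details.
        error, end = DECODER.raw_decode(line, line.index("{", pos))
        details, _ = DECODER.raw_decode(line, line.index("{", end))
    except ValueError:
        return None  # truncated or malformed line: skip it, do not guess
    raw = details.get("Raw") or {}
    ts = TS.match(line)
    return {"time": ts.group(1) if ts else None,
            "error": error.get("error"),
            "client": details.get("ClientId"),
            "grant_type": details.get("GrantType"),
            "link_user": raw.get("LinkUserId"),
            "link_tenant": raw.get("LinkTenantId")}

def summarize(lines):
    """Count failed LinkLogin grants per (LinkTenantId, LinkUserId, error)."""
    counts = Counter()
    for line in lines:
        rec = parse_grant_failure(line)
        if rec and rec["grant_type"] == "LinkLogin":
            counts[(rec["link_tenant"], rec["link_user"], rec["error"])] += 1
    return counts

def make_line(ts, user, tenant, grant="LinkLogin"):
    """Build a constructed sample line in the shape of the quoted log entry."""
    details = {"ClientId": "MyApp_App", "GrantType": grant,
               "Raw": {"grant_type": grant, "LinkUserId": user, "LinkTenantId": tenant}}
    return (f'{ts} [ERR] {MARKER}{{"error":"TheTargetUserIsNotLinkedToYou"}}, '
            f"details: {json.dumps(details)}")

SAMPLE = [make_line("2000-01-01 10:00:00", "user-1", "tenant-a"),
          make_line("2000-01-01 10:00:02", "user-1", "tenant-a"),
          make_line("2000-01-01 10:00:05", "user-2", "tenant-b"),
          "2000-01-01 10:00:06 [INF] Request finished"]

if __name__ == "__main__":
    for key, n in summarize(SAMPLE).most_common():
        print(n, *key)
```

Repeated failures against one LinkUserId/LinkTenantId pair shortly before users report the wrong identity give a concrete time and account to correlate with the rest of the log.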


14 Answer(s)
  • maliming created
    Support Team Fullstack Developer

    hi

    Did you make any changes? Is the cache server data correct?

    Can you share a username and password for me to check it online?

    liming.ma@volosoft.com

  • ademaygun created

    We changed nothing. We sent the connection information to your email.

  • maliming created
    Support Team Fullstack Developer

    hi

    Can I check the website online first?

  • enes.koroglu created

    Hi maliming,

    We sent the username and password to your mail.

  • maliming created
    Support Team Fullstack Developer

    hi

    Can you share more info, account, and steps to let me see the problem?

  • enes.koroglu created

    As we wrote in the first message, after restarting the service the problem is gone for now. I created a host user for you, but the problem occurs under all tenants. And the problem is that the users who see another tenant's and account's data do not have a linked account. But the system was behaving as if all users had logged in with a specific account (which has linked users and has an account under all tenants). Which kind of user do you want to see to understand or trace the problem?

  • maliming created
    Support Team Fullstack Developer

    I need to be able to reproduce the problem. then I can start troubleshooting.

  • enes.koroglu created

    After restarting the service the problem was gone. But we have faced this problem 2 times. We have this problem in the production environment and it may cause data leaks. So we cannot wait in a situation like this. We can share the log file with you, or anything else you want. But as I said, it is not possible to wait in this situation for troubleshooting. How can we find another way to understand the problem?

  • maliming created
    Support Team Fullstack Developer

    We can share log file with you

    OK, Please share the full logs.

  • enes.koroglu created

    Shared the log file via email. We think the problem starts at 2022-06-09 09:48:37 in the logs.

  • maliming created
    Support Team Fullstack Developer

    hi

    If this is urgent for you, you can temporarily disable this feature by overriding methods in IdentityLinkUserController, returning an empty list, etc., until we find out why.

    In the meantime, you can deploy a version in another environment to try to reproduce the problem.

  • maliming created
    Support Team Fullstack Developer

    I would check the code of the module based on your logs.

  • enes.koroglu created

    We have a separate test environment; we have not faced this problem yet on the test env. We will add some linked users and try to cause the same problem in the test environment to reproduce it.

    Also, does removing all linkedAccounts do the same thing as your suggestion?

    I could not understand what you mean by "I would check the code of the module based on your logs". I sent the log file to you; is that enough, or do you expect anything from our side?

  • maliming created
    Support Team Fullstack Developer

    hi

    I will check the code of the module, you just need to find a way to reproduce the problem.

Made with ❤️ on ABP v8.2.0-preview Updated on March 25, 2024, 15:11