CORS errors after deploying IIS - UI: Angular #694 | Support Center | ABP Commercial

david.hurtado created 3 years ago

ABP Framework version: v4.0.1
UI type: Angular
Tiered (MVC) or Identity Server Seperated (Angular): no
Exception message and stack trace: Access to XMLHttpRequest at 'https://api.server.com:51114/.well-known/openid-configuration' from origin 'https://front.server.com:51113' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Steps to reproduce the issue:

We publish an empty app generate with ABP Suite. The deployment of the project is on IIS. API show me Swagger page and Angular Front app is runing but after make login i got this console error:

***Access to XMLHttpRequest at 'https://api.server.com:51114/.well-known/openid-configuration' from origin 'https://front.server.com:51113' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource***.
And the error promt is this:
***An error has occurred!
http failure response for https://api.server.com:51114/api/abp/application-configuration: 0 Unknown Error***

Checkig on the API's log file i found following code:
***[ERR] Connection ID "16717361818409893977", Request ID "8000005a-0000-e800-b63f-84710c7967bb": An unhandled exception was thrown by the application.
System.InvalidOperationException: IDX20803: Unable to obtain configuration from: 'https://api.server.com:51114/.well-known/openid-configuration'.
---> System.IO.IOException: IDX20804: Unable to retrieve document from: 'https://front.server.com:51114/.well-known/openid-configuration'.
---> System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
---> System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host..
---> System.Net.Sockets.SocketException (10054): An existing connection was forcibly closed by the remote host***

This is code that i have on the API

private void ConfigureAuthentication(ServiceConfigurationContext context, IConfiguration configuration)
{
   context.Services.AddAuthentication()
       .AddJwtBearer(options =>
       {
           options.Authority = configuration["AuthServer:Authority"];
           options.RequireHttpsMetadata = Convert.ToBoolean(configuration["AuthServer:RequireHttpsMetadata"]); ;
           options.Audience = "Tickets";
           options.BackchannelHttpHandler = new HttpClientHandler()
           {
               ServerCertificateCustomValidationCallback = HttpClientHandler.DangerousAcceptAnyServerCertificateValidator
           };
       });
}

    ***Google the error, someone says it's certificate error so we recreate a new certificate, but same error.***

6 Answer(s)

0

maliming created 3 years ago
Support Team Fullstack Developer

hi david.hurtado

Can you share your project's appsettings.json file?

david.hurtado created 3 years ago

Hi maliming. This is appsetting.json from API

{
  "App": {
    "SelfUrl": "https://api.server.com:51114",
    "ClientUrl": "https://front.server.com:51113",
    "CorsOrigins": "https://.server.com,https://front.server.com:51113,https://api.server.com:51114"
  },
  "ConnectionStrings": {
    "Default": "Data Source=XXXX-01;Initial Catalog=TicketsADB;Integrated Security=True"
  },
  "AuthServer": {
    "Authority": "https://api.server.com:51114",
    "RequireHttpsMetadata": "false"
  },
  "StringEncryption": {
    "DefaultPassPhrase": "XXXXXX0frz1ifcLs"
  },
  "Settings": {
    "Volo.Abp.LeptonTheme.Style": "Style1", / Options: Style1, Style2... Style6 /
    "Volo.Abp.LeptonTheme.Layout.MenuPlacement": "Left", / Options: Left, Top /
    "Volo.Abp.LeptonTheme.Layout.MenuStatus": "AlwaysOpened", / Options: AlwaysOpened, OpenOnHover /
    "Volo.Abp.LeptonTheme.Layout.Boxed": "False", / Options: True, False */
    "Abp.Mailing.Smtp.Host": "127.0.0.1",
    "Abp.Mailing.Smtp.Port": "25",
    "Abp.Mailing.Smtp.UserName": "",
    "Abp.Mailing.Smtp.Password": "",
    "Abp.Mailing.Smtp.Domain": "",
    "Abp.Mailing.Smtp.EnableSsl": "false",
    "Abp.Mailing.Smtp.UseDefaultCredentials": "true",
    "Abp.Mailing.DefaultFromAddress": "noreply@abp.io",
    "Abp.Mailing.DefaultFromDisplayName": "ABP application"
  },
  "AbpLicenseCode

This is appsetting.json from MigratorDb

{
  "ConnectionStrings": {
    "Default": "Data Source=XXXX-01;Initial Catalog=TicketsADB;Integrated Security=True"
  },
  "IdentityServer": {
    "Clients": {
      "Tickets_Web": {
        "ClientId": "Tickets_Web",
        "RootUrl": "https://api.server.com:51114"
      },
      "Tickets_App": {
        "ClientId": "Tickets_App",
        "RootUrl": "https://front.server.com:51113"
      },
      "Tickets_Blazor": {
        "ClientId": "Tickets_Blazor",
        "RootUrl": "https://front.server.com:51113"
      },
      "Tickets_Swagger": {
        "ClientId": "Tickets_Swagger",
        "ClientSecret": "1q2w3e*",
        "RootUrl": "https://api.server.com:51114"
      }
    }
  },

0

maliming created 3 years ago
Support Team Fullstack Developer

hi @david.hurtado

Can I check it remotely? liming.ma@volosoft.com
0

david.hurtado created 3 years ago

hi @maliming yes, i can share my screen. I send you an email.
0

maliming created 3 years ago
Support Team Fullstack Developer

The problem exists in the IIS server, it has nothing to do with us
0

david.hurtado created 3 years ago

Thanks @maliming, problem was solved. It was reletated to activate TLS protocols on the server.

1

Have an answer to this question? Log in and write your answer.