Hi @alper
I am using the microservices solution. we have 2 angular clients. When I signout from the 1st angular client and sign in as a different tenant. the 2nd Angular client remains logged in with the old signed in tenant till the cookies are cleared/deleted manually.
How can we overcome this issue?
Thanks
@hikalkan
Thanks for the Explaination.
How can we disable a permission when the Feature is Disabled. In our application the permissions are dependent on the features.
So if the feature is disabled we don't want the UI to show the Permissions for the Module. How can we acheive this scenario?
Thanks
Hi @gterdem
I tried the solution from that article it didnt work.
I added options.TokenValidationParameters.ValidateIssuer = false; for all my microservices now it works.
Is it a valid fix and is it applicable for production deployment?
context.Services.AddAuthentication("Bearer")
.AddJwtBearer(options =>
{
options.Authority = configuration["AuthServer:Authority"];
options.Audience = configuration["AuthServer:ApiName"];
options.RequireHttpsMetadata = false;
options.TokenValidationParameters.ValidateIssuer = false;
});
So Far I have followed all the suggestions provided above
This is the error i am getting in the logs
SELECT i."Id", i."ConcurrencyStamp", i."CreationTime", i."CreatorId", i."DeleterId", i."DeletionTime", i."Description", i."DisplayName", i."Emphasize", i."Enabled", i."ExtraProperties", i."IsDeleted", i."LastModificationTime", i."LastModifierId", i."Name", i."Required", i."ShowInDiscoveryDocument"
FROM "IdentityServerIdentityResources" AS i
WHERE @__ef_filter__p_0 OR NOT (i."IsDeleted")
ORDER BY i."Id"
Failed executing DbCommand ("1"ms) [Parameters=["@__ef_filter__p_0='?' (DbType = Boolean)"], CommandType='Text', CommandTimeout='30']"
""SELECT i.\"Id\", i.\"ConcurrencyStamp\", i.\"CreationTime\", i.\"CreatorId\", i.\"DeleterId\", i.\"DeletionTime\", i.\"Description\", i.\"DisplayName\", i.\"Emphasize\", i.\"Enabled\", i.\"ExtraProperties\", i.\"IsDeleted\", i.\"LastModificationTime\", i.\"LastModifierId\", i.\"Name\", i.\"Required\", i.\"ShowInDiscoveryDocument\"
FROM \"IdentityServerIdentityResources\" AS i
WHERE @__ef_filter__p_0 OR NOT (i.\"IsDeleted\")
ORDER BY i.\"Id\""
But the problem of angular application redirecting infinitely after login still persists.
It would be helpful if you can connect remotely and provide assistance.
Thank You
Hello @gterdem
I have followed this document. The dev certs only work for localhost.
The communication between containers is the problem since they use the service name as the url.
If you could share any article or documentation for hosting abp microservices with ssl support in docker containers that would be helpful.
thanks
Hi @maliming
I have installed ssl for the localhost.
The apis are unable to access identity server over https inside the container. Is there a way to install a ssl certificate inside the docker container?
The app settings files are correct.
Can you check it remotely if that possible.
Thank You.
Hello @gterdem
I have started to get another issue. The Angular app keeps reloading with the below URL after login to the Identity Server.
http://localhost:4200/?code=A8F1C4F953EF8900F6A62C7D16BA79F3F521EB9ED81A830F7B40E6C1A17C81D2&scope=openid%20profile%20BackendAdminAppGateway%20IdentityService%20SaasManagementService%20IntelligenceService&state=eWMwMmlYekhLclFFQnhWNUtuVW9mYXUwV3JKaFJ6eHk3MmNxc3lwSzNVdGtZ&session_state=IYqsHUIrvGi6j0VkVacwDV3tOeRRWhIw3IL4JZkrlPI.63123765C9DB6819C530237F93BC9AAD
I am getting this error on the gateway IDX20803: Unable to obtain configuration from: 'System.String'.
{
"_index": "msdemo-log-2021.01",
"_type": "_doc",
"_id": "H9eV_3YByTuNQQ71svrw",
"_version": 1,
"_score": null,
"_source": {
"@timestamp": "2021-01-14T06:29:29.3050748+00:00",
"level": "Information",
"messageTemplate": "{AuthenticationScheme} was not authenticated. Failure message: {FailureMessage}",
"message": "\"Bearer\" was not authenticated. Failure message: \"IDX20803: Unable to obtain configuration from: 'System.String'.\"",
"fields": {
"AuthenticationScheme": "Bearer",
"FailureMessage": "IDX20803: Unable to obtain configuration from: 'System.String'.",
"EventId": {
"Id": 7,
"Name": "AuthenticationSchemeNotAuthenticatedWithFailure"
},
"SourceContext": "IdentityServer4.AccessTokenValidation.IdentityServerAuthenticationHandler",
"RequestId": "0HM5OAG96UDBF:0000001E",
"RequestPath": "/api/abp/application-configuration",
"ConnectionId": "0HM5OAG96UDBF",
"Application": "BackendAdminAppGateway"
}
},
"fields": {
"@timestamp": [
"2021-01-14T06:29:29.305Z"
]
},
"highlight": {
"fields.Application.keyword": [
"@kibana-highlighted-field@BackendAdminAppGateway@/kibana-highlighted-field@"
]
},
"sort": [
1610605769305
]
}
"App": { "CorsOrigins": "http://localhost:4200,https://localhost:44374,http://localhost:4201" },`
I am using this function in the configureservices. I also have the cors setup in database.
private void ConfigureCors(ServiceConfigurationContext context, IConfiguration configuration)
{
context.Services.AddCors(options =>
{
options.AddPolicy(DefaultCorsPolicyName, builder =>
{
builder
.WithOrigins(
configuration["App:CorsOrigins"]
.Split(",", StringSplitOptions.RemoveEmptyEntries)
.Select(o => o.RemovePostFix("/"))
.ToArray()
)
.WithAbpExposedHeaders()
.SetIsOriginAllowedToAllowWildcardSubdomains()
.AllowAnyHeader()
.AllowAnyMethod()
.AllowCredentials();
});
});
}
Also the Auth Server after login doesn't redirect back to the angular application
The entire application works perfectly when run through visual studio.
Is there any workaround we can use to enable/disable modules?