Activities of "Navneet@aol.com.au"
Hi Anjali,
Any update?
Thx, Navneet
Hi Anjali,
It's not working with MVC, please see the attached screenshot
. . . By default, all users have access to all applications in the screenshot below, I want to restrict the access to applications and don't want them to get tokens as well when they use Postman https://localhost:44359/connect/token, how can I restrict the access by USER or ROLE management
Many thx, Navneet
Thanks Anjali, I will try and come back to you
- ABP Framework version: v7.3.3
- UI Type: MVC and Angular
- Database System: EF Core (SQL Server)
- Tiered (for MVC) or Auth Server Separated (for Angular): yes
- Exception message and full stack trace:
- Steps to reproduce the issue:
Hi Team,
I have two applications in MVC and Angular and I like my users to use below AuthServer page as:
- User landed on the AuthServer page
- Login by clicking on the login button (already there)
- Once the user is logged in, I want my user to be allowed to click on the Applications link (either MVC or Angular) to redirect
- The user lands on the application as pre-authenticated.
Currently, when the user lands on MVC, it does not show authenticated but asks to log in by clicking the login button.
How can I redirect my users to MVC app from AuthServer page as pre-authenticated?
Many thx, Navneet
ABP Suite most wanted feature has been implemented. Your custom code will not be overwritten anymore https://commercial.abp.io/releases/pr/14629
This is Amazing addition to Suite. Well done ABP Team.
Can ABP team create a customisation sample for us to learn for-example adding collection/List to RootEntity, Domain Services, EFcore and Application Services and then regenerate based code
- Love to see if ABP Suite can generate separate pages for Create and Edit Model.
- When creating a new layered Application via ABP Suite, an option to add all UI (MVC, Blazor, Maui, Angler...) in one go, similar is already possible with Module but not with Application.
- Generate CRUD from Entity Classes
Hi,
In your code suggestions what is the reason to use Ignore(), see below
Add automapper config:
CreateMap<OpenIddictApplication, ApplicationDto>() .ForMember(des=>des.Scopes,src =>src.Ignore()) .ForMember(des=>des.PostLogoutRedirectUris,src =>src.Ignore()) .ForMember(des=>des.RedirectUris,src =>src.Ignore());
So far I didn’t have success to configure user permission.
If any other user have manage to achieve it, then please share, otherwise all good to close this ticket
Regards Navneet
Thanks Liangshiwei,
Token was only one example, do I need to override any other controller to control the access of users to the application.
Regards, Navneet
Hi liangshiwei,
I have reviewed your code suggestion, however the authorisation logic does not work, to reproduce the issue:
Create a new user as: Username: test@test.com password: 1q2w3E*
Create a new Application Go to OpenID -> Application Create new Application ClientID: DemoWebApp DisplayName: Demo App Client Secret: 1q2w3e* Select all Scopes Select Checkbox of "Allow Password Flow"
In postman, https://localhost:xxx/connect/token client_id: DemoWebApp client_secret:1q2w3e* scope:roles phone grant_type:password username:test@test.com password:1q2w3E*
You will notice that, even though, application wasn't assigned to User, user is able to get access token, where as, desired outcome should be Access Denied
Could you please suggest, what can I do to get it work
Regards, Navneet
WOW you just blew my mind :-)
If you still have that project you created, could you please share with me by email.
Also, Instead of using my MainApp to create your suggested navigation, do you think, I can create in a ABP custom Module for above custom changes, then use it as plugin Module.
Request: Could you please explain how exactly your suggested code works?
Many thanks, Regards, Navneet