And you gave the related permissions to the admin user but still getting permission erros? To be sure, this is your newly added microservice with Mongodb right? Please do send a screen record to diagnose better.
Hi, The issue got fixed. I made a mistake. In my Service, I have replaced the EF core injection with MongoDB one. In fact I should had MongoDB injection without removng the EF core injection. After having both it work fine for me. Thanks.
Microservice template and module templates are different from each other. Selecting db for microservice template as
abp new OrderService -t microservice-service-pro -d mongodbis not supported yet.I am able to see the permissions in UI and those are selected still when trying to access my newly created service getting permission issue
What do you mean by access my newly created service? Are you trying to make a request to your newly created microservice from an other microservice? Can you compare it to sample ProductService microservice?
I Already followed the product service and steps and all working fine with the custom service with EF (PermissionUI, CRUD permissions etc) I created one more service and added Mongo specific files/layer manually and used in newly created service. Injected the same in solution in all layers. All UI pages/Permissions are coming perfectly. but when I am making CRUD calls to the service getting the permission issue. If still not clear I may send a screen recording /screenshots of all pages to the email which you mention.
Hi @rick@i-pulse.nl , The issue is there with created js/blazor files. We faced the same issue with our MVC template and we fixed that my modifying the respective index.js file.
actually pruler form is being added where as it is singler .
$(function () { var l = abp.localization.getResource("ProductService"); var productService = window.exceego.EHSWatch.appV3.productService.products.products;
Change to
$(function () { var l = abp.localization.getResource("ProductService"); var productService = window.exceego.EHSWatch.appV3.productService.products.products;
In your case it might be
var brandService = window.company.projectname.brandService.brands.brands;
to
var brandService = window.company.projectname.brandService.brands.brand;
Hope this helps
It worked thanks, but had to do that multiple times one after other :)
I think there still some issues with micro service template, We have added the new service using "abp new OrderService -t microservice-service-pro -d mongodb. Message showed saying the Service is created with MongoDB but It got created with EF core only. After that we followed all steps in https://docs.abp.io/en/commercial/latest/startup-templates/microservice/add-microservice, In fact I am able to make changes to use MongoDB manually and initial setup is good. But Facing some issues with Permissions. I am able to see the permissions in UI and those are selected still when trying to access my newly created service getting permission issue
{ "code": "Volo.Authorization:010001", "message": "Authorization failed! Given policy has not granted.", "details": null, "data": {}, "validationErrors": null }
I cross verified the permission related data in Identity DB and looks good. Also If I comment Authroize attribute in my service. able to do CRUD operations.
Can you please help us.
It worked thanks, but had to do that multiple times one after other :)
Hi @gterdem, My Auth Server is already running with https, in fact all of my services are running with https on my local IIS with IIS self signed certificate.
As you said I have updated by Web layer port to 4510(I dont think this is the issue) but still getting the below certificate error which I mentioned earlier.
2021-04-14 19:22:17.794 +05:30 [INF] Request starting HTTP/2 GET https://localhost:4510/ - -
2021-04-14 19:22:17.852 +05:30 [INF] Start processing HTTP request GET "https://localhost:450/api/abp/api-definition"
2021-04-14 19:22:17.852 +05:30 [INF] Sending HTTP request GET "https://localhost:450/api/abp/api-definition"
2021-04-14 19:22:17.915 +05:30 [ERR] Connection ID "17942340921349636135", Request ID "80000028-0001-f900-b63f-84710c7967bb": An unhandled exception was thrown by the application.Not only the port, the protocol also you need to update. It should be http://localhost.
It is still making requests to old url. Try recycling the application from the iis pool.Although your main problem with https is with your IIS server. The remote certificate is invalid because of errors in the certificate chain: UntrustedRoot. You need to trust your self signed certificate.
I tried those already but didnt worked. Will try with some work around and update you accordingly.
Finally we are able to get that working after using the valid SSL certificate. but with IIS self signed and other generated certificates issue is still there.
I am closing this as it is working with actual SSL certificate. Thanks for the support.
Hi @gterdem, My Auth Server is already running with https, in fact all of my services are running with https on my local IIS with IIS self signed certificate.
As you said I have updated by Web layer port to 4510(I dont think this is the issue) but still getting the below certificate error which I mentioned earlier.
2021-04-14 19:22:17.794 +05:30 [INF] Request starting HTTP/2 GET https://localhost:4510/ - - 2021-04-14 19:22:17.852 +05:30 [INF] Start processing HTTP request GET "https://localhost:450/api/abp/api-definition" 2021-04-14 19:22:17.852 +05:30 [INF] Sending HTTP request GET "https://localhost:450/api/abp/api-definition" 2021-04-14 19:22:17.915 +05:30 [ERR] Connection ID "17942340921349636135", Request ID "80000028-0001-f900-b63f-84710c7967bb": An unhandled exception was thrown by the application.
Not only the port, the protocol also you need to update. It should be http://localhost. It is still making requests to old url. Try recycling the application from the iis pool.
Although your main problem with https is with your IIS server. The remote certificate is invalid because of errors in the certificate chain: UntrustedRoot. You need to trust your self signed certificate.
I tried those already but didnt worked. Will try with some work around and update you accordingly.
ng you can't lo
Hi @gterdem, My Auth Server is already running with https, in fact all of my services are running with https on my local IIS with IIS self signed certificate.
As you said I have updated by Web layer port to 4510(I dont think this is the issue) but still getting the below certificate error which I mentioned earlier.
2021-04-14 19:22:17.794 +05:30 [INF] Request starting HTTP/2 GET https://localhost:4510/ - - 2021-04-14 19:22:17.852 +05:30 [INF] Start processing HTTP request GET "https://localhost:450/api/abp/api-definition" 2021-04-14 19:22:17.852 +05:30 [INF] Sending HTTP request GET "https://localhost:450/api/abp/api-definition" 2021-04-14 19:22:17.915 +05:30 [ERR] Connection ID "17942340921349636135", Request ID "80000028-0001-f900-b63f-84710c7967bb": An unhandled exception was thrown by the application. System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid because of errors in the certificate chain: UntrustedRoot at System.Net.Security.SslStream.SendAuthResetSignal(ProtocolToken message, ExceptionDispatchInfo exception) at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](TIOAdapter adapter, Boolean receiveFirst, Byte[] reAuthenticationData, Boolean isApm) at System.Net.Http.ConnectHelper.EstablishSslConnectionAsyncCore(Boolean async, Stream stream, SslClientAuthenticationOptions sslOptions, CancellationToken cancellationToken) --- End of inner exception stack trace ---
Please advise.
There are 3 applications as you have noticed:
- AuthServer (IdentityServer)
- Public application (Razor/MVC)
- Web app (back-office application that can be Razor/Mvc-Angular-Blazor-BlazorServer)
What is your web app? Angular, Razor, Blazor or Blazor.Server?
We are getting the issue when running the UI layer with MVC. DO u have any more questions.
2021-04-06 10:13:40.048 +00:00 [INF] {"ClientId":"EmployeeManagement_Swagger","Category":"Authentication","Name":"Client Authentication Failure","EventType":"Failure","Id":1011,"Message":"Invalid client secret","ActivityId":"8000000b-0003-ff00-b63f-84710c7967bb","TimeStamp":"2021-04-06T10:13:40.0000000Z","ProcessId":12824,"LocalIpAddress":"::1:44322","RemoteIpAddress":"::1","$type":"ClientAuthenticationFailureEvent"} 2021-04-06 10:13:40.048 +00:00 [ERR] Client secret validation failed for client: EmployeeManagement_Swagger.
The client secret you provided is wrong.
I dont think so, because it is getting autenticated in the next attept. If CLient Secret is the proble how come it can be authenticated from next time. If you I can share the screen and show u.
Is the issue solved? IdentityServer doesn't throw random errors.
The logs below indicates that EmployeeManagement_Swagger client secret is wrong (probably doesn't exist).
2021-04-06 10:13:40.048 +00:00 [INF] {"ClientId":"EmployeeManagement_Swagger","Category":"Authentication","Name":"Client Authentication Failure","EventType":"Failure","Id":1011,"Message":"Invalid client secret","ActivityId":"8000000b-0003-ff00-b63f-84710c7967bb","TimeStamp":"2021-04-06T10:13:40.0000000Z","ProcessId":12824,"LocalIpAddress":"::1:44322","RemoteIpAddress":"::1","$type":"ClientAuthenticationFailureEvent"} 2021-04-06 10:13:40.048 +00:00 [ERR] Client secret validation failed for client: EmployeeManagement_Swagger.
Navigate to appsettings of your api gateway and check the IdentityServer section. There should be IdentityModel configuration like: <br>
"AuthServer": { "Authority": "https://localhost:44322", "RequireHttpsMetadata": "true", "SwaggerClientId": "EmployeeManagement_Swagger", "SwaggerClientSecret": "1q2w3e*" },This is the configuration of
AddAbpSwaggerGenWithOAuth.Please, share your appsettings identityserver configuration and swaggerAuth configuration located in module if the problem still persists.
I think its better to have a screenshare session to explain the exact issue. Please advise.