ABP Framework version: v4.2.0 UI type: Angular DB provider: EF Core Tiered (MVC) or Identity Server Separated (Angular): yes Exception message and stack trace: Steps to reproduce the issue:
Hello, we are trying to resolve issue related to switching between host and customer DBs..
Our solution is deployed with host DB and separated Identity Server (IS) (running as separate microservice and using host DB). We would like to use Multi-tenant solution with separate DB for each tenant. We are trying to use centralized IS to handle all requests. We already created our custom override of CreateAsync method in TenantAppService to create some custom actions during tenant creation (tenant DB creation, running some seed methods, etc.). UpdateDefaultConnectionStringAsync is called too in our method to update SaasTenantConnectionStrings table in host DB.
So when we create new tenant from host app, there is a new tenant DB, SaasTenantConnectionStrings table in host DB contains correct connection string too. We have also a wildcard rule in IdentityServerClientRedirectUris table in IS.
When we access https://tenant1.ourappurl/ and click Login, we are redirected to the correct IS page with login. My question is: Can we identify the tenant using the domain resolver to direct to the tenant db once the authorization is completed on the centralised IS server?
Thanks a lot!
34 Answer(s)
-
0
When we access https://tenant1.ourappurl/ and click Login, we are redirected to the correct IS page with login. My question is: Can we identify the tenant using the domain resolver to direct to the tenant db once the authorization is completed on the centralised IS server?
Yes, you have the tenantId in the request header,so you can get and make a request to ITenantRepository for the name, connection strings etc.
-
0
We have tried to login as tenant, login is successfully done however we got an error of Invalid_scope.
-
0
This is error is not related with tenant but identityserver configuration.
Check your identityserver logs for [ERR] containing invalid_scope. You are probably requesting a none-existing scope in your application.
-
0
We have tried login as a tenant using below steps :
- Download demo code from abp io site.
- Create new tanant which is successfully created with database table
- Create new tenant and try to login ,its working fine.
We are unable to login tenant with tenant database in commercial version. However we followed the same steps which we are doing in the Non-Commercial Version.
Our purpose is login as tenant with separate Database with Central Identity Server.
Can you please provide a sample code for the same
-
0
are you using subdomains for tenant selection in your test?
-
0
We are removed the switch tenant from UI ,we are use subdomains in comaracial code
-
0
@MarekH
Can you give more information about the issue?
At which point do you get invalid_scope error?
-
0
Actually we are trying to switch tenant on the basis of change in the URL , Instead of switching it from the popup modal which we have in the login. We have tried below things :-
- Created Custom tenant Resolver class also added {0}.maindomain.com specified this URL. As we found this solution to switch tenant autometically on the basis of URL.
In current scenario we are getting that URL after login for example if we use
tenant1.mydomain.com then after login we are redirecting to same tenant1.mydomain.com But tenant is not getting changed , We are still logged in as admin.
Can you please help us.
-
0
We have tried to login as tenant, login is successfully done however we got an error of Invalid_scope.
This shows login happened for tenant6 admin user. Do you mean this doesn't work anymore either?
-
0
We have tried to login as tenant, login is successfully done however we got an error of Invalid_scope.
This shows login happened for tenant6 admin user. Do you mean this doesn't work anymore either?
We have resolved this error but we are not able to login as tenant using url
-
0
Actually we are trying to switch tenant on the basis of change in the URL , Instead of switching it from the popup modal which we have in the login. We have tried below things :-
- Created Custom tenant Resolver class also added {0}.maindomain.com specified this URL. As we found this solution to switch tenant autometically on the basis of URL.
In current scenario we are getting that URL after login for example if we use
tenant1.mydomain.com then after login we are redirecting to same tenant1.mydomain.com But tenant is not getting changed , We are still logged in as admin.
Can you please help us.
We are facing this issue while we are trying to login using url.
-
0
To clarify:
- In tenant1.mydomain.com hit login
- Redirected to authserver.mydomain.com (identityserver), enter credentials for admin user and hit login
- Successfuly signed in and I am now redirected back to tenant1.mydomain.com.
- But logged in user is not tenant admin but the host admin?
But tenant is not getting changed , We are still logged in as admin.
I assume Host admin, not tenant admin.
It might be related with cookies and application cache. Does it the same behaviour when you cleared the cookies and browser cache or in incognito mode?
-
0
To clarify:
- In tenant1.mydomain.com hit login
- Redirected to authserver.mydomain.com (identityserver), enter credentials for admin user and hit login
- Successfuly signed in and I am now redirected back to tenant1.mydomain.com.
- But logged in user is not tenant admin but the host admin?
But tenant is not getting changed , We are still logged in as admin.
I assume Host admin, not tenant admin.
It might be related with cookies and application cache. Does it the same behaviour when you cleared the cookies and browser cache or in incognito mode?
Yes , It is same behaviour when we clear cookie.
We are getting logged in as HostAdmin instead of tenant Admin
We have used below method to enable tenant switching on the basis of URL:-
Configure<AbpTenantResolveOptions>(options => { options.AddDomainTenantResolver("{0}.mydomain.com"); });
Do we need anything else for switching tenant on the basis of URL?
-
0
Since you have created CustomTenantResolver, you need to add it as tenant resolver also.
In your Web Module:
Configure<AbpTenantResolveOptions>(options => { options.TenantResolvers.Add(new MyCustomTenantResolveContributor()); });You can also check custom tenant resolvers docs for more information.
-
0
hi @MarekH
Deos
tenant1.mydomain.comandauthserver.mydomain.comboth usemydomain.comas domain? -
0
hi @MarekH
Deos
tenant1.mydomain.comandauthserver.mydomain.comboth usemydomain.comas domain?Yes both are in same domain
Configure<AbpTenantResolveOptions>(options => { options.AddDomainTenantResolver("{0}.mydomain.com"); });
We have added above method , to switch tenant autometically on the basis of URL change
-
0
hi @MarekH
I am going to check your application remotely. Please tell me your available time. liming.ma@volosoft.com
-
0
hi @MarekH
I am going to check your application remotely. Please tell me your available time. liming.ma@volosoft.com
Hi @Maliming
We will available after an hour (02:00 PM IST) is this fine for you ?
-
0
ok. it's fine for me.
-
0
hi
Have you checked this document?
https://docs.abp.io/en/abp/latest/UI/Angular/Multi-Tenancy#domain-subdomain-tenant-resolver
-
0
I will create demos that use domain names to resolve tenants. MVC and ANGULAR.
-
0
I will create demos that use domain names to resolve tenants. MVC and ANGULAR.
Ok Thank you.
-
0
Thank you @maliming. it'll be useful for others as well.
-
0
There is a problem in angular. It fixed in 4.3. https://github.com/abpframework/abp/issues/8231
I will provide angular examples after 4.3, currently there are mvc and mvc tiered examples. https://github.com/maliming/DomainTenantResolver
-
0
@maliming - Is it possible to include the way to do unique user logins for multi-tenant in the demo you are building for this issue using sub domains?;
https://support.abp.io/QA/Questions/917/Tenant-Login-Without-Selecting-Tenant-and-without-a-Hostname-specific-for-the-URL
