Check the docs before asking a question: https://docs.abp.io/en/commercial/latest/ Check the samples to see the basic tasks: https://docs.abp.io/en/commercial/latest/samples/index The exact solution to your question may have been answered before, and please first use the search on the homepage. Provide us with the following info:
- ABP Framework version: v7.3.2 commercial
- UI Type: MVC
- Database System: EF Core (MySQL.)
- Tiered (for MVC) or Auth Server Separated (for Angular): yes
- Exception message and full stack trace:
- Steps to reproduce the issue:
I use the microservice-pro template, now i need to deployment them in my cloud.
i want to use console.mydomain.com access the web, use www.mydomain.com access the publicweb, use auth.mydomain.com access the authserver.
I saw the appsettings.json of every service, but i dont sure which filed should bind the domain, i try modify some fields, but throw exceptions :(
AuthServer/appsettings.json
{
"App": {
"SelfUrl": "http://10.1.100.11:8000",
"CorsOrigins": "*",
"RedirectAllowedUrls": "http://10.1.100.11:8000",
"DisablePII": "false"
},
"AuthServer": {
"Authority": "http://10.1.100.11:8000",
"RequireHttpsMetadata": "false",
"SwaggerClientId": "WebGateway_Swagger"
},
...
}
IdentityService/appsettings.json
{
"App": {
"SelfUrl": "http://10.1.100.11:8001",
"CorsOrigins": "*"
},
"AuthServer": {
"Authority": "http://10.1.100.11:8000",
"RequireHttpsMetadata": "false",
"SwaggerClientId": "WebGateway_Swagger"
},
...
}
AdministrationService/appsettings.json
{
"App": {
"SelfUrl": "http://10.1.100.11:8002",
"CorsOrigins": "*"
},
"AuthServer": {
"Authority": "http://10.1.100.11:8000",
"RequireHttpsMetadata": "false",
"SwaggerClientId": "WebGateway_Swagger"
},
"RemoteServices": {
"AbpIdentity": {
"BaseUrl": "http://10.1.100.11:8001/",
"UseCurrentAccessToken": "false"
}
},
"IdentityClients": {
"Default": {
"GrantType": "client_credentials",
"ClientId": "AdministrationService",
"ClientSecret": "1q2w3e*",
"Authority": "http://10.1.100.11:8000",
"Scope": "IdentityService",
"RequireHttps": "false",
"ValidateIssuerName": "false",
"ValidateEndpoints ": "false"
}
},
...
}
SaasService/appsettings.json
{
"App": {
"SelfUrl": "http://10.1.100.11:8003",
"CorsOrigins": "*"
},
"AuthServer": {
"Authority": "http://10.1.100.11:8000",
"RequireHttpsMetadata": "false",
"SwaggerClientId": "WebGateway_Swagger"
},
...
}
WebGateway/appsettings.json
{
"App": {
"SelfUrl": "http://10.1.100.11:8080",
"CorsOrigins": "*"
},
"AuthServer": {
"Authority": "http://10.1.100.11:8000",
"RequireHttpsMetadata": "false",
"SwaggerClientId": "WebGateway_Swagger",
...
}
...
}
WebGateway/ocelot.json
{
"GlobalConfiguration": {
"BaseUrl": "http://10.1.100.11:8080"
},
"Routes": [
{
"ServiceKey": "Account Service",
"ServiceDns": "http://10.1.100.11:8000",
"DownstreamPathTemplate": "/api/account/{everything}",
"DownstreamScheme": "http",
"DownstreamHostAndPorts": [
{
"Host": "10.1.100.11",
"Port": 8000
}
],
"UpstreamPathTemplate": "/api/account/{everything}",
"UpstreamHttpMethod": [ "Put", "Delete", "Get", "Post" ]
},
...
]
}
Web/appsettings.json
{
"App": {
"SelfUrl": "http://10.1.100.11:8081"
},
"AuthServer": {
"Authority": "http://10.1.100.11:8000",
"RequireHttpsMetadata": "false",
"ClientId": "Web",
"ClientSecret": "1q2w3e*",
"IsOnK8s": "false",
"MetaAddress": "http://10.1.100.11:8000",
},
"RemoteServices": {
"Default": {
"BaseUrl": "http://10.1.100.11:8080"
}
},
...
}
14 Answer(s)
-
0
Hi,
This has nothing to do with ABP.
You should use a DNS provider to resolve your domain name.
- https://www.cloudflare.com/learning/dns/what-is-dns/
-
0
I add a route in gateway, redirect the console.mydomain.com to 10.1.100.11:8081, if i use browser to access console.mydomain.com, the microservice-pro/Web will open the auth page, but the uri is 10.1.100.11:8000, this url is in lan not wlan.
I need let the microservice-pro/Web open auth.mydomain.com when click login. and the auth page return to console.mydomain.com after auth success.
-
0
-
0
Hi,
If every service need a public URL, I think it is a terrible design.
I need use reverse proxy access the auth, web, webgateway. and them need redirect to the correct public domainname. other times, each services use lan ip to communicate. like this:
I split my question, the first one:
If I need web can redirect to auth.mydomain.com, and authserver can redirect to console.mydomain.com, which fields need modify?
-
0
Hi,
If every service need a public URL, I think it is a terrible design
It's up to you. you can use the internal URL for the service.
If I need web can redirect to auth.mydomain.com, and authserver can redirect to console.mydomain.com, which fields need modify?
I think it's clear, you can see everything you need here:
https://github.com/abpframework/eShopOnAbp/blob/main/etc/k8s/azure/values-az-cr.yaml
-
0
Hi,
If every service need a public URL, I think it is a terrible design
It's up to you. you can use the internal URL for the service.
If I need web can redirect to auth.mydomain.com, and authserver can redirect to console.mydomain.com, which fields need modify?
I think it's clear, you can see everything you need here:
https://github.com/abpframework/eShopOnAbp/blob/main/etc/k8s/azure/values-az-cr.yaml
Hi, thank you for reply.
Yes, it is clear for k8s, and I believe it works fine.
but i run all services at a single windows machine, so i can't use a public or internal URL for every services, just use ip:port to communicate in lan and use reverse proxy bind domainname to my auth,web and publicweb.
Is there somethings references about use reverse proxy, like as nginx?
-
0
Haa, I found it.
https://github.com/abpframework/eShopOnAbp/blob/main/etc/docker/docker-compose.yml
I try it now.
-
0
Hi,
My web will redirect to the login page if not authenticated.
Web/Pages/Index.html
public class IndexModel : AbpPageModel { public ActionResult OnGet() { if (Request.Query["ex"] == "yes") { throw new DivideByZeroException("This is a test exception!"); } if (!CurrentUser.IsAuthenticated) { return Redirect("~/Account/Login"); } else { return Page(); } } }
and it open this url
http://auth.mydomain.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%3Fclient_id%3DWeb%26redirect_uri%3Dhttp%253A%252F%252Fconsole.mydomain.com%252Fsignin-oidc%26response_type%3Dcode%2520id_token%26scope%3Dopenid%2520profile%2520roles%2520email%2520phone%2520AccountService%2520IdentityService%2520AdministrationService%2520SaasService%2520CmsService%2520BusinessUnit%26response_mode%3Dform_post%26nonce%3D638332667736323954........mJlMThjN2EyYWE0%26state%3DCfDJ8Eld3tn4Rn1GjnZqhM-ZUBhwOYwgPtXiFM1D3kL1WtTfijdvGsvbYNVPJtv6A0gw4zpSJDK-IVFZgg6EzByFk_PNFmgyv3oJ.......P7AmgWMDl3GtjG_c1V_06gxU06E_%26x-client-SKU%3DID_NET6_0%26x-client-ver%3D6.15.1.0
Can I construct this url myself?
By the way, I use the microservice-pro template.
-
0
Hi,
My web will redirect to the login page if not authenticated.
Web/Pages/Index.html
public class IndexModel : AbpPageModel { public ActionResult OnGet() { if (Request.Query["ex"] == "yes") { throw new DivideByZeroException("This is a test exception!"); } if (!CurrentUser.IsAuthenticated) { return Redirect("~/Account/Login"); } else { return Page(); } } }
and it open this url
http://auth.mydomain.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%3Fclient_id%3DWeb%26redirect_uri%3Dhttp%253A%252F%252Fconsole.mydomain.com%252Fsignin-oidc%26response_type%3Dcode%2520id_token%26scope%3Dopenid%2520profile%2520roles%2520email%2520phone%2520AccountService%2520IdentityService%2520AdministrationService%2520SaasService%2520CmsService%2520BusinessUnit%26response_mode%3Dform_post%26nonce%3D638332667736323954........mJlMThjN2EyYWE0%26state%3DCfDJ8Eld3tn4Rn1GjnZqhM-ZUBhwOYwgPtXiFM1D3kL1WtTfijdvGsvbYNVPJtv6A0gw4zpSJDK-IVFZgg6EzByFk_PNFmgyv3oJ.......P7AmgWMDl3GtjG_c1V_06gxU06E_%26x-client-SKU%3DID_NET6_0%26x-client-ver%3D6.15.1.0
Can I construct this url myself?
By the way, I use the microservice-pro template.
-
0
Hi,
My web will redirect to the login page if not authenticated.
Web/Pages/Index.html
public class IndexModel : AbpPageModel { public ActionResult OnGet() { if (Request.Query["ex"] == "yes") { throw new DivideByZeroException("This is a test exception!"); } if (!CurrentUser.IsAuthenticated) { return Redirect("~/Account/Login"); } else { return Page(); } } }
and it open this url
http://auth.mydomain.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%3Fclient_id%3DWeb%26redirect_uri%3Dhttp%253A%252F%252Fconsole.mydomain.com%252Fsignin-oidc%26response_type%3Dcode%2520id_token%26scope%3Dopenid%2520profile%2520roles%2520email%2520phone%2520AccountService%2520IdentityService%2520AdministrationService%2520SaasService%2520CmsService%2520BusinessUnit%26response_mode%3Dform_post%26nonce%3D638332667736323954........mJlMThjN2EyYWE0%26state%3DCfDJ8Eld3tn4Rn1GjnZqhM-ZUBhwOYwgPtXiFM1D3kL1WtTfijdvGsvbYNVPJtv6A0gw4zpSJDK-IVFZgg6EzByFk_PNFmgyv3oJ.......P7AmgWMDl3GtjG_c1V_06gxU06E_%26x-client-SKU%3DID_NET6_0%26x-client-ver%3D6.15.1.0
Can I construct this url myself?
By the way, I use the microservice-pro template.
-
0
Can I construct this url myself?
Sorry, I didn't get it. could you explain it in detail?
-
0
OK,
- Run WebHost at http://localhost:8081
- Run AuthServer at http://localhost:8000
- Access WebHost(http://localhost:8081) from Browser.
- Click login
- the Browser auto redirect to http://localhost:8000/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%3Fclient_id%3DWeb%26redirect_uri%3Dhttp%253A%252F%252Flocalhost:8081%252Fsignin-oidc%26response_type....
I want to modify this url, replace some parameters and sign it.
-
0
Hi,
These are the standard OIDC parameters, and I don't recommend you change them.
Anyway, You can change it in the following:
context.Services.Configure<OpenIdConnectOptions>("oidc", options => { var previousOnRedirectToIdentityProvider = options.Events.OnRedirectToIdentityProvider; options.Events.OnRedirectToIdentityProvider = async ctx => { ctx.ProtocolMessage.IssuerAddress = "...../connect/authorize"; //... if (previousOnRedirectToIdentityProvider != null) { await previousOnRedirectToIdentityProvider(ctx); } }; });
-
0
Yes, I need this, Thank you ~~