Open Closed

How to Login Different Tenant in Browser Tab #6678


User avatar
0
shijo created
  • ABP Framework version: v7.0

  • UI Type: Angular

  • Database System: EF Core SQL Server

  • Tiered (for MVC) or Auth Server Separated (for Angular): yes

  • Exception message and full stack trace:

  • Steps to reproduce the issue:

    1. Open Browser Login with Tenant1
    2. Open a new Tab with the same URL, default Tenant1 is logged-in in new tab Our requirement is that each browser session should prompt for individual login credentials and operate independently. How can we achieve this?

12 Answer(s)
  • User Avatar
    0
    Anjali_Musmade created
    Support Team Support Team Member

    Hello,

    could you please check this similar issue https://support.abp.io/QA/Questions/1023 if it helps you

    thanks

  • User Avatar
    0
    shijo created

    Hi, I tried the code that is mentioned in the issue, but it's not working. Let me explain the exact problem we are facing. Initially, on the left side, I logged in with Incognito using Tenant1. Then, I opened a new Incognito window with the same URL, and it showed me a logged-in screen with Tenant1. Afterward, I logged out the tenant from the right side and logged in with Tenant2. Now, both the left Incognito and the right side are using Tenant2 user sessions. We want to maintain both sessions simultaneously. If you have any sample projects to share, please do.

    I have implemented this in my code.

    Scope added in Host Module configuration

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    It's not possible, even if there are multiple Incognito tabs, they still share the same cookie and session

    It's all about the browser, not ABP. You might consider using a different browser to log into a different tenant

  • User Avatar
    0
    shijo created

    Hi, This is regarding the same issue that I reported, our system is multitenant and we added this to resolve tenants Configure<AbpTenantResolveOptions>(options => { options.TenantResolvers.Add(new CookieTenantResolveContributor()); options.TenantResolvers.Add(new HeaderTenantResolveContributor()); });

    While opening the tenant URL, we direct it to Single Sign-On (SSO) by passing the tenant name in the query string, which works perfectly fine. However, the problem we're encountering arises when we attempt to access the admin interface after visiting any tenant URL. In this case, the SSO redirects to the last visited tenant, which is illogical because we don't pass any tenant name for the admin interface in the query string. How can we resolve this issue? I've noticed that the Application Tab and Cookie Information change when accessing specific tenants, but they remain unchanged for the admin interface, retaining the data from the last visit. If you need more clarification please ask.

    For Tenant: international this is the sso url, you can see the last query string value is tenant name https://sso.abc.io/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%3Fclient_id%3DAkadimi_App%26redirect_uri%3Dhttps%253A%252F%252Freader.uepuae.ae%26response_type%3Dcode%26scope%3Dopenid%2520email%2520offline_access%2520Akadimi%26nonce%3Df04e445634fb75249028794f875cebe059vFmTywp%26state%3D8b55218695bc1d9f61aadc690ba3b3c1a1Aibm6pm%26code_challenge%3Dzfa46XEa5zOJN1wK0FzDV2T8iUrqxYs4S-oFyvF-esE%26code_challenge_method%3DS256%26__tenant%3Dinternational

    For Tenant: aths https://sso.abc.io/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%3Fclient_id%3DAkadimi_App%26redirect_uri%3Dhttps%253A%252F%252Freader.aths.ac.ae%26response_type%3Dcode%26scope%3Dopenid%2520email%2520offline_access%2520Akadimi%26nonce%3Db46cf111bf4dfc3532365277bcb6fd0c62UYZ6bMk%26state%3D3be63e1ba9106fa05d7f4624a9704f1c42UcGrXLF%26code_challenge%3Dr-ZgvXA3Nh3ESTDHD94Nd63-Bx71U5gjU-AGXpwiOC8%26code_challenge_method%3DS256%26__tenant%3Daths

    For Admin https://sso.abc.io/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%3Fresponse_type%3Dcode%26client_id%3DAkadimi_App%26state%3DaUpGTlFwdV9kZHBJY09WUS44Wn5PTzhqQ2dXQWZqR3ZSZHk4ZmNDaVdWeE5p%26redirect_uri%3Dhttps%253A%252F%252Fadmin.akadimi.io%26scope%3Dopenid%2520offline_access%2520Akadimi%26code_challenge%3DkcG7_SRBM7yi4GlVPGIpTdTTF6FsA1rXiIqKiSY9pPg%26code_challenge_method%3DS256%26nonce%3DaUpGTlFwdV9kZHBJY09WUS44Wn5PTzhqQ2dXQWZqR3ZSZHk4ZmNDaVdWeE5p%26culture%3Den%26ui-culture%3Den This sso is pointing to the last tenant which we opened.

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    This is because ABP attempts to determine the current tenant using the tenant resolve contributor in order

    https://docs.abp.io/en/abp/latest/Multi-Tenancy#tenant-resolvers

    You can try to remove CookieTenantResolveContributor

  • User Avatar
    0
    shijo created

    Hi We have added a CustomTenantReolver, which is resolving tenant by querystring but after login getting this exception.

    InvalidOperationException: The user details cannot be retrieved. Volo.Abp.OpenIddict.Controllers.AuthorizeController.HandleAsync() Microsoft.AspNetCore.Mvc.Infrastructure.ActionMethodExecutor+TaskOfIActionResultExecutor.Execute(ActionContext actionContext, IActionResultTypeMapper mapper, ObjectMethodExecutor executor, object controller, object[] arguments) Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeActionMethodAsync>g__Awaited|12_0(ControllerActionInvoker invoker, ValueTask<IActionResult> actionResultValueTask) Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeNextActionFilterAsync>g__Awaited|10_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, object state, bool isCompleted)

    This is our tenantResolver

    public class CustomTenantResolveContributor : TenantResolveContributorBase
        {
            public override string Name => "Custom";
            public async override Task ResolveAsync(ITenantResolveContext context)
            {
                var currentContextAccessor = context.ServiceProvider.GetRequiredService<IHttpContextAccessor>();
                var tenantRepository = context.ServiceProvider.GetRequiredService<ITenantRepository>();
                var tenantName = currentContextAccessor?.HttpContext?.Request.Query["__testtenant"];
                if (tenantRepository != null)
                {
                    var tenant = await tenantRepository.FindByNameAsync(tenantName);
                    if (tenant != null)
                    {
                        context.TenantIdOrName = tenant.Name;
                    }
                }
            }
        }
    

    In AuthServer Added this also...

    Configure&lt;AbpTenantResolveOptions&gt;(options =>
    {
        //options.TenantResolvers.Add(new CookieTenantResolveContributor());
        //options.TenantResolvers.Add(new HeaderTenantResolveContributor());
        options.TenantResolvers.Clear();
        options.TenantResolvers.Add(new CustomTenantResolveContributor());
    });
    
  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    Could share the full error logs?

  • User Avatar
    0
    shijo created

    System.InvalidOperationException: The user details cannot be retrieved. at Volo.Abp.OpenIddict.Controllers.AuthorizeController.HandleAsync() at Microsoft.AspNetCore.Mvc.Infrastructure.ActionMethodExecutor.TaskOfIActionResultExecutor.Execute(ActionContext actionContext, IActionResultTypeMapper mapper, ObjectMethodExecutor executor, Object controller, Object[] arguments) at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeActionMethodAsync>g__Awaited|12_0(ControllerActionInvoker invoker, ValueTask`1 actionResultValueTask) at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    Will this work for you?

    Configure<AbpTenantResolveOptions>(options =>
    {
        options.TenantResolvers.Clear();
        options.TenantResolvers.Add(new CustomTenantResolveContributor());
        options.TenantResolvers.Insert(0, new CurrentUserTenantResolveContributor());
    });
    
  • User Avatar
    0
    shijo created

    Working... Thanks for your support

  • User Avatar
    0
    shijo created

    Hi, One more issue regarding this. Once I logged in with one User, The user validated across all tenants, How can I be forced to log out the user once a tenant is changed?

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    Could you please create a new question? thanks.

Made with ❤️ on ABP v9.1.0-preview. Updated on November 11, 2024, 11:11