I've always get UNAUTHORIZED_CLIEN
Can you share the details of error? You can check the Identity Server logs.
hi
The framework will use memory cache if you don't use Redis. It caches permissions related instead of querying the database multiple times
https://docs.abp.io/en/abp/latest/Caching https://docs.abp.io/en/abp/latest/Redis-Cache
hi
We plan implement the Tenant/User impersonation feature.
https://docs.abp.io/en/commercial/latest/road-map
hi Please share these info.
independent wasm/server/console
For mvc https://github.com/abpframework/abp/blob/dev/framework/src/Volo.Abp.Http.Client.IdentityModel.Web/Volo/Abp/Http/Client/IdentityModel/Web/HttpContextIdentityModelRemoteServiceHttpClientAuthenticator.cs#L45
For WASM https://github.com/abpframework/abp/blob/dev/framework/src/Volo.Abp.Http.Client.IdentityModel.WebAssembly/Volo/Abp/Http/Client/IdentityModel/WebAssembly/AccessTokenProviderIdentityModelRemoteServiceHttpClientAuthenticator.cs#L50
For console https://github.com/abpframework/abp/blob/dev/framework/src/Volo.Abp.Http.Client.IdentityModel/Volo/Abp/Http/Client/IdentityModel/IdentityModelRemoteServiceHttpClientAuthenticator.cs#L21 https://github.com/abpframework/abp/blob/7574dc088d7ea3127aaecca92e3a7dc3bdc430f7/framework/src/Volo.Abp.IdentityModel/Volo/Abp/IdentityModel/IdentityModelAuthenticationService.cs#L171
Can you try this?
public class OrganizationClaimsPrincipalContributor : IAbpClaimsPrincipalContributor, ITransientDependency
{
public async Task ContributeAsync(AbpClaimsPrincipalContributorContext context)
{
var identity = context.ClaimsPrincipal.Identities.FirstOrDefault();
identity.AddClaim(new Claim("Organization", "OrganizationValue"));
}
}
https://docs.abp.io/en/abp/latest/Authorization#claims-principal-factory
hi
The Remember me means keep your login status instead of your username.
We are expecting to have Username prepopulated in login page when user selcts the "Remember me" checkbox and login successfully.
You can customize the login page to get the username that already login.
https://support.abp.io/QA/Questions/240/How-to-customize-the-login-page https://community.abp.io/articles/how-to-customize-the-login-page-for-mvc-razor-page-applications-9a40f3cd
I think it is because the user's SecurityStamp has changed.
SecurityStamp: A random value that must change whenever a users credentials change (password changed, login removed)
- Remove sensitive data from the payload if it is not required - Not sure if this is possible and application will work
- Instead of placing sensitive data in the payload, use an indirect object reference which is resolved on the server side - Not sure if this is possible and application will work
You can remove some claims from the Factory.
https://github.com/abpframework/abp/blob/dev/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/AspNetIdentity/AbpUserClaimsFactory.cs https://github.com/abpframework/abp/blob/dev/modules/identity/src/Volo.Abp.Identity.Domain/Volo/Abp/Identity/AbpUserClaimsPrincipalFactory.cs https://docs.abp.io/en/abp/latest/Authorization#claims-principal-factory
3.Encrypt the JWT payload using the JSON web encryption (JWE) scheme 4.Encrypt sensitive data within the JWT payload using a custom process.
I found some discuss about this.
https://github.com/DureSameen/IdentityServer4.JWE
i even tried return true alwas but no luck.
What's is results now?
https://samesite-sandbox.glitch.me/
Can you share your website url and user&password with me? liming.ma@volosoft.com
