hi
You can disable it by url.
hi
Could you please share more details/log and screenshots?
Thanks.
hi
Your application can use its own database. But the Identity module should use the Authserver's database.
In the ABP microservices template, a single service can have a separate datatable, but it will use a common database. Eg User. Setting. Permissions.
See:
https://abp.io/docs/latest/framework/fundamentals/connection-strings https://abp.io/community/articles/multitenancy-with-separate-databases-in-dotnet-and-abp-51nvl4u9#gsc.tab=0
hi
You can create a new role as a user. Then, you can grant permission for the TestSample menu in the Main project. After that, if you log in to the Lab project with a user belonging to this role, the TestSample button that you granted permission for in the Main project should appear, but it does not.
Your web app(SCS.LabManagement.Web) will get an access token from the authserver(SCS.Main.Web) and then use this access token to request the API(SCS.LabManagement.HttpApi.Host).
The API will return the granted permissions of the current user to your web app based on the access token you provide.
BUT, the current user is from the authserver, which doesn't exist in your API app database.
The API database doesn't have your custom role, user and the permissions.
All of your apps should use the same database.
Thanks.
Additionally, you need to check if your Angular application is making two refresh token requests at the same time.
Override the SaveChangesAsync method of your app DbContext to output the exception entity and Reset the state of the entity to prevents future calls to SaveChangesAsync() from failing.
public override async Task<int> SaveChangesAsync(bool acceptAllChangesOnSuccess, CancellationToken cancellationToken = new CancellationToken())
{
try
{
return await base.SaveChangesAsync(acceptAllChangesOnSuccess, cancellationToken);
}
catch (AbpDbConcurrencyException e)
{
if (e.InnerException is DbUpdateConcurrencyException dbUpdateConcurrencyException)
{
if (dbUpdateConcurrencyException.Entries.Count > 0)
{
var sb = new StringBuilder();
sb.AppendLine(dbUpdateConcurrencyException.Entries.Count > 1
? "There are some entries which are not saved due to concurrency exception:"
: "There is an entry which is not saved due to concurrency exception:");
foreach (var entry in dbUpdateConcurrencyException.Entries)
{
sb.AppendLine(entry.ToString());
}
Logger.LogWarning(sb.ToString());
}
foreach (var entry in dbUpdateConcurrencyException.Entries)
{
// Reset the state of the entity to prevents future calls to SaveChangesAsync() from failing.
entry.State = EntityState.Unchanged;
}
}
throw;
}
}
Thanks.
hi
Your logs miss something. For example, the exception entity and the call stack.
Can you share the Logs.txt file with the Debug level?
https://abp.io/support/questions/8622/How-to-enable-Debug-logs-for-troubleshoot-problems
Thanks.
hi
The error is:
IDX10204: Unable to validate issuer. validationParameters.ValidIssuer is null or whitespace AND validationParameters.ValidIssuers is null or empty.
Check this article for more details about Issuer.
https://abp.io/community/articles/common-errors-in-jwt-bearer-authentication-4u3wrbs5#gsc.tab=0
Thanks.
hi
These security headers were added by ABP Security Header middleware.
You can remove all app.UseAbpSecurityHeaders from your apps.
https://abp.io/docs/latest/framework/ui/mvc-razor-pages/security-headers https://github.com/abpframework/abp/blob/dev/framework/src/Volo.Abp.AspNetCore/Volo/Abp/AspNetCore/Security/AbpSecurityHeadersMiddleware.cs#L42-L43 Thanks.
hi
This isn't just a simple rewrite or replacement work. The entire permission management module has been almost completely restructured.
You can download the source code of the permission management module to modify both the backend and the Angular frontend.
You need to add two properties like this to the PermissionGrant entity and then check them.
Thanks.
hi
I will ask our Angular team.
Thanks.
