Activities of "scott7106"

In that case, the Account Linking option should not show up when the authentication method is openid. The user experience is broken! The end user sees an option which works (links their account on the backend), but breaks their ability to return to the front end and does not actually change their logged in account for the front end application.

• Are you planning to implement account linking for openid?
• Is it possible to implement account linking for openid?
• Is there a configuration option to disable account linking?

A further note on this. While the account profile pages show the new user, if you manually change the URL in the browser to the client app, the logged in user changes back (or stays depending on your perspective) to the original user account.

Check the docs before asking a question: https://docs.abp.io/en/commercial/latest/ Check the samples, to see the basic tasks: https://docs.abp.io/en/commercial/latest/samples/index The exact solution to your question may have been answered before, please use the search on the homepage.

• ABP Framework version: v4.1.2
• UI type: Angular
• DB provider: EF Core
• Tiered (MVC) or Identity Server Seperated (Angular): no
• Steps to reproduce the issue:

1. Login in as User A to Tenant B

2. Go to Account profile

3. Go to Link users

4. Login as a linked user (different tenant, in case that matters)

**The user is now logged into the new account, but the Return to application button has disappeared. ** The user is now stranded in the MVC application for the identity management with no way back to the client application.

Check the docs before asking a question: https://docs.abp.io/en/commercial/latest/ Check the samples, to see the basic tasks: https://docs.abp.io/en/commercial/latest/samples/index The exact solution to your question may have been answered before, please use the search on the homepage.

• ABP Framework version: v4.1.2
• UI type: Angular
• DB provider: EF Core
• Tiered (MVC) or Identity Server Seperated (Angular): no

I am running into 2 issues which may be lack of knowledge.

1. When I add the RequiresFeature to a method or app service class, I cannot figure out how to get the application tests to work. It fails with a permissions issue since the feature is not "enabled" for the test case. Trying to add programmatically enable the feature has not worked so far. Is there an example available for how to test a service which requires a feature?

2. When a feature has permissions associated with it, how do I only show the permissions when it is enabled for a tenant? I added a feature check before adding the permissions in the Permission definition provider, but this causes errors if you log out of a tenant who has the feature and then log into a client which does have the feature. The call to AbpConfiguration is not reset and the permissions are not listed there. Is there an example available for how to correctly hide permissions behind a feature?

The issue with the persisted keys does not occur when the API is the root application of a website. I backed up and decided to attempt combining the applications so that the API is at the root and the angular client is deployed as a subfolder within the API.

• HttpApi.Host\client

In the Startup.cs file of the HttpApi.Host project, I added the following code to the ConfigureServices method:

services.AddSpaStaticFiles(configuration =>
{
    configuration.RootPath = "client";
});

In the Configure method, I added the following:

app.UseSpaStaticFiles(new StaticFileOptions
{
    FileProvider = new PhysicalFileProvider(
        Path.Combine(env.ContentRootPath, "client")),
        RequestPath = "/client"
});

app.UseSpa(spa =>
{
    spa.Options.SourcePath = "client";
});

I created a local environment in Angular with the URI settings needed for this configuration, ran ng build for the new environment with a base-href value of /client/ and then used xcopy to place resulting dist files in my API project.

With this configuration, I can access both the client and the API locally. However, while the login/logout process works and the GET methods from the API work for the client, as soon as I attempt to post something from the client, I get an error which is not sent by the server and the following entry in the log files. [ERR] The required antiforgery header value "RequestVerificationToken" is not present.

Check the docs before asking a question: https://docs.abp.io/en/commercial/latest/ Check the samples, to see the basic tasks: https://docs.abp.io/en/commercial/latest/samples/index The exact solution to your question may have been answered before, please use the search on the homepage.

• ABP Framework version: v4.0.2
• UI type: Angular
• DB provider: EF Core
• Tiered (MVC) or Identity Server Seperated (Angular): no

We are looking to deploy our application on an IIS web server which is behind a load balancer with SSL terminated at the load balancer. This is a common deployment strategy for our clients. I am testing this setup with a prototype (single set of CRUD pages) generated using Suite 4.0.0 and later upgraded to 4.0.2.

1. If I attempt to deploy the API as an application instead of a website in IIS, I get a variety of 404 errors due to absolute paths. For example, https://{mywebsite}/libs/abp/core/abp.js is referenced instead of https://{mywebsite}/{myapp}/libs/abp/core/abp.js.

Question: Does the API require a separate website or can I deploy it as an application within a website? Ideally, I want to deploy the API and the Angular client as as single website, but this isn't going to work if the API must be deployed at the root of a website. Normally, I would create a webite and then deploy the Angular client at the root and the API as a sub application within the website.

2. There is an error and a warning in the log file when the application starts. Setting SameSite attributes in the web.config file does not have any effect.

2021-01-12 15:54:35.018 +00:00 [INF] Hosting environment: Production 2021-01-12 15:54:35.018 +00:00 [INF] Content root path: {location}\Portal.Api 2021-01-12 15:54:35.036 +00:00 [INF] Request starting HTTP/1.1 GET http://{mywebsite}/portal-prototype-api/Account/Login?ReturnUrl=%2Fportal-prototype-api - - 2021-01-12 15:54:36.956 +00:00 [INF] Executing endpoint '/Account/Login' 2021-01-12 15:54:37.026 +00:00 [INF] Route matched with {page = "/Account/Login", action = "", controller = "", area = ""}. Executing page /Account/Login 2021-01-12 15:54:37.028 +00:00 [INF] Skipping the execution of current filter as its not the most effective filter implementing the policy Microsoft.AspNetCore.Mvc.ViewFeatures.IAntiforgeryPolicy 2021-01-12 15:54:37.795 +00:00 [INF] Executing handler method Volo.Abp.Account.Public.Web.Pages.Account.LoginModel.OnGetAsync - ModelState is "Valid" 2021-01-12 15:54:37.819 +00:00 [INF] Executed handler method OnGetAsync, returned result . 2021-01-12 15:54:37.822 +00:00 [INF] Executing an implicit handler method - ModelState is "Valid" 2021-01-12 15:54:37.822 +00:00 [INF] Executed an implicit handler method, returned result Microsoft.AspNetCore.Mvc.RazorPages.PageResult. 2021-01-12 15:54:38.006 +00:00 [ERR] An exception was thrown while deserializing the token. Microsoft.AspNetCore.Antiforgery.AntiforgeryValidationException: The antiforgery token could not be decrypted. ---> System.Security.Cryptography.CryptographicException: The key {ac856cb7-2721-43c2-820b-6df7287dbb9a} was not found in the key ring. at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.UnprotectCore(Byte[] protectedData, Boolean allowOperationsOnRevokedKeys, UnprotectStatus& status) at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.DangerousUnprotect(Byte[] protectedData, Boolean ignoreRevocationErrors, Boolean& requiresMigration, Boolean& wasRevoked) at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.Unprotect(Byte[] protectedData) at Microsoft.AspNetCore.Antiforgery.DefaultAntiforgeryTokenSerializer.Deserialize(String serializedToken) --- End of inner exception stack trace --- at Microsoft.AspNetCore.Antiforgery.DefaultAntiforgeryTokenSerializer.Deserialize(String serializedToken) at Microsoft.AspNetCore.Antiforgery.DefaultAntiforgery.GetCookieTokenDoesNotThrow(HttpContext httpContext) 2021-01-12 15:54:38.190 +00:00 [WRN] The cookie 'XSRF-TOKEN' has set 'SameSite=None' and must also set 'Secure'.

Upgrading to version 4.0.2 and recreating the project fixed the issue

After being directed to this from https://support.abp.io/QA/Questions/626/Bugs--Issues-v4X#answer-756752d8-cea0-580d-5ede-39f9883c69d9

which directed me to a proposed temporary solution at https://support.abp.io/QA/Questions/626/Bugs--Issues-v4X#answer-756752d8-cea0-580d-5ede-39f9883c69d9

I added the resolution section to packages.json, deleted the yarn.lock file, ran yarn and deleted all local cookies and storage.

The behaviour of the application has not changed, but I get a different error message.

I am having issues getting the angular web client to work when creating a new solution with Suite 4.0.1.

Steps to reproduce.

1. Create a new solution
2. Ran DbMigrator project
3. Run Host project (test swagger api)
4. Build Angular project
5. Start Angular project

This does not happen with projects created with Suite 3.3.1.

Adding the [Authorize] attribute on the home controller eliminates the need to manually navigate to the login page. Since the Swagger UI cannot be used without logging in, you might as well add Authorize.