Open Closed

SSO from 2 apps with Identity #4203


User avatar
0
andmattia created
  • ABP Framework version: v5.3.1

Hi

we have created 2 app (angular apps) and we use a single Auth server.

Our goal is from app1 move to app2 without reinsert credentials.

Our landscape is confgured in multitenant enviroment with tenant resolver, so we have

  • customer1.myapp.com -> customer1.api.myapp.com -> customer1.auth.myapp.com
  • customer1.myapp2.com -> customer1.api.myapp2.com -> customer1.auth.myapp.com
  • customer2.myapp.com -> customer2.api.myapp.com -> customer2.auth.myapp.com
  • customer2.myapp2.com -> customer2.api.myapp2.com -> customer2.auth.myapp.com

The first App use a login embedded on Angular when I click in a link that redirect to App2 I land on home but I'm not already logged in. I click the login button but I need to re enter my credentials.

Is it possibile to login directly?

UPDATE

If I go on Auth server page after login I can see all my apps but only one (the first) if I click I can go inside already loggedin the second no

UDPATE 2

I see that if I configure auth server with this options and try to login from api (https://customer1.api.myapp.com) I can't login

"SelfUrl": "https://auth.myapp.com",
...
"TenantResolver": "https://{0}.auth.myapp.com"

If I remove the tenant resolver I see the login page from auth server I need to inser manually the tenant but it works


7 Answer(s)
  • User Avatar
    0
    andmattia created

    We found another issue.

    If we try to execute the audit log from second app we see the host log. We check on DB and tenant filter not flow but if we do the same operation (same tenant) on first app we see only log for our tenant

  • User Avatar
    0
    hikalkan created
    Support Team Co-Founder

    Hi @andmattia,

    The first App use a login embedded on Angular when I click in a link that redirect to App2 I land on home but I'm not already logged in. I click the login button but I need to re enter my credentials.

    It is normal that App2 is not logged in. But it should be automatically login when you click the Login button, without asking credentials again - because the authentication application is already logged in (check this please, it should remain logged in after app1's login).

    When I consider your all comments, I suspect that the app2 can not resolve the current tenant. Especially, the audit log case shows it. When you login with app2 (through the auth server), can it login with tenant? You can see on the top left of the page (it should show the tenan'ts name near to the user's name), or you can check the ABP's application configuration api endpoint result (in angular app's developer tools - the network tab) to see if the current user and tenant are true.

    It is probable that there is some problem with configurations or other setup. Especially, you should double-check everything with multi-tenant with subdomain scenario. It is hard to fully prepare a test environment as yours in our side. If your system is live, you may create a user for us to test it.

  • User Avatar
    0
    andmattia created

    Hi

    I can prepare and account for sure, how can I share the login data?

    If you write to me an email è reply with credentials.

  • User Avatar
    0
    hikalkan created
    Support Team Co-Founder

    Please write to support@abp.io

  • User Avatar
    0
    andmattia created

    I've sent data to login

  • User Avatar
    0
    andmattia created

    Any update?

  • User Avatar
    0
    hikalkan created
    Support Team Co-Founder

    Answered via email.

Made with ❤️ on ABP v9.1.0-preview. Updated on December 13, 2024, 06:09