- ABP Framework version: v7.1
- UI type: Blazor
- DB provider: EF Core
- Tiered (MVC) or Identity Server Separated (Angular): yes / no
- Exception message and stack trace:
- Steps to reproduce the issue:"
- Hello, I have a question about login authorization. Our company has developed multiple business systems based on the modular ABP framework. These systems require unified permission management. Prior to using ABP, we developed our systems in a conventional front-end and back-end separation pattern. The front-end pages would call a unified interface of the authorization system for login, obtain the corresponding roles and permissions. We called this the Portal platform. After switching to the ABP framework, I am unsure how to modify my subsystems to call a common service for authorization during login, similar to our previously self-developed portal. Do you have any solutions or case studies for my situation of multiple subsystems with unified authorization management based on the ABP framework? Thank you.
3 Answer(s)
-
0
Hi,
Actually, it sounds like microservices.
you can check our microservice template and eShopOnAbp examples.
- https://docs.abp.io/en/commercial/latest/startup-templates/microservice/index
- https://github.com/abpframework/eShopOnAbp
You can understand each independently deployed service as a subsystem, each service uses a unified authorization server.
We also have a community Talks video: https://www.youtube.com/watch?v=TpyROlTBc50
-
0
Hi, In fact,the question is , we have many subsystems and UIs of these subsystems usually update frequently. So we don't want to unite all UI to one main host program,which leads to a bad user`s exprience.For this reason,we design a portal which is an entrance of all subsystems and show links of subsystems.
We wonder to how to get roles and permissions from central auth server,not like ABP microservices template which unite all microservice UI to one Main host.That is not what we want.
-
0
Hi,
As I said, you can understand the service as a subsystem, except that it has no UI.
We wonder to how to get roles and permissions from central auth server,not like ABP microservices template which unite all microservice UI to one Main host.That is not what we want.
ok, I try to give you another suggestion, but I don't know about your solution architecture details
I assume that you already have an auth server center.
You can configure the
OpenIdConnect
for authentication:You need to create an openIddict application for each subsystem,
You can use remote services to get data such as role permissions
Install the following packages and add module dependencies
Volo.Abp.Http.Client.Web
Volo.Abp.AspNetCore.Mvc.Client
Volo.Abp.Http.Client.IdentityModel.Web
Update
appsettings.json
"RemoteServices": { "Default": { "BaseUrl": "Your auth server URL" } }
We already do this in the template, you can create a project to check:
abp new Myapp -u blazor-server --tiered