- ABP Framework version: v7.2
- UI Type: Angular
- Database System: EF Core (SQL Server)
- Tiered (for MVC) or Auth Server Separated (for Angular): yes
Hi
I have deployed my abp app to IIS after deployment when I am accessing the Angular UI its is giving me CORS error in console :-
Access to XMLHttpRequest at 'https://authserver/.well-known/openid-configuration' from origin 'https://angularapp.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
The logs are these:-
2023-08-28 11:05:26.278 +01:00 [INF] Executing endpoint '/Account/Login' 2023-08-28 11:05:26.294 +01:00 [INF] Route matched with {page = "/Account/Login", area = "", action = "", controller = ""}. Executing page /Account/Login 2023-08-28 11:05:26.294 +01:00 [INF] Skipping the execution of current filter as its not the most effective filter implementing the policy Microsoft.AspNetCore.Mvc.ViewFeatures.IAntiforgeryPolicy 2023-08-28 11:05:27.320 +01:00 [INF] Executing handler method Volo.Abp.Account.Public.Web.Pages.Account.LoginModel.OnGetAsync - ModelState is "Valid" 2023-08-28 11:05:27.382 +01:00 [INF] Executed handler method OnGetAsync, returned result Microsoft.AspNetCore.Mvc.ChallengeResult. 2023-08-28 11:05:27.386 +01:00 [INF] Executing ChallengeResult with authentication schemes (["AzureOpenId"]). 2023-08-28 11:05:28.024 +01:00 [INF] AuthenticationScheme: AzureOpenId was challenged. 2023-08-28 11:05:28.025 +01:00 [INF] Executed page /Account/Login in 1731.1457ms 2023-08-28 11:05:28.025 +01:00 [INF] Executed endpoint '/Account/Login' 2023-08-28 11:05:28.027 +01:00 [INF] Request finished HTTP/1.1 GET https://authserver/Account/Login - - - 302 - - 1753.7944ms 2023-08-28 11:05:30.625 +01:00 [INF] Request starting HTTP/1.1 POST https://authserver/signin-azuread-oidc application/x-www-form-urlencoded 3455 2023-08-28 11:05:30.634 +01:00 [INF] CORS policy execution failed. 2023-08-28 11:05:30.635 +01:00 [INF] Request origin https://login.microsoftonline.com does not have permission to access the resource. 2023-08-28 11:05:31.153 +01:00 [INF] AuthenticationScheme: Identity.External signed in. 2023-08-28 11:05:31.153 +01:00 [INF] Request finished HTTP/1.1 POST https://authserver/signin-azuread-oidc application/x-www-form-urlencoded 3455
4 Answer(s)
-
0
Hello Dev2ng,
Please try to add required url in the CorsOrigins variable as highlighted in screenshot.
CORS Configuration: If you are developing a web application, this error can also occur due to Cross-Origin Resource Sharing (CORS) issues. Make sure that the resource's CORS settings allow requests from the origin example - https://login.microsoftonline.com.
Please do let me know if anything else is needed.
Thanks, Anjali
-
0
"Make sure that the resource's CORS settings allow requests from the origin example - https://login.microsoftonline.com."
We are using SSO using azure-ad, may be we are missing some setup over there also ?
Can you please tell me if I need to do anything on Azure side as well.
I have already done those appsettings changes.
-
0
Hello Dev2ng,
Here's a checklist of things to check and configure in the Azure portal for your application registration:
Application Registration: Make sure your application is registered in Azure AD. If it's not, you need to create an application registration. Authentication: Verify that you have configured the correct Redirect URIs, which are the endpoints where Azure AD should redirect the user after authentication. See below screen shot
Please do let me know if anything else is needed.
Thanks, Anjali
-
0
Hello Dev2ng,
Please do let us know if this solution has worked for you?
Can we close this ticket if your query is resolved? Please confirm.
Awaiting for your valuable response.
Thank You, Anjali