Open Closed

Authentication error on Ubuntu Nginx #6113


User avatar
0
hanntd created

Hi, I deployed my Abp project (UI:Blazor Wasm) on Nginx Ubuntu. Blazor UI and Api run well, only a problem with authentication. If I leave appsetting.json of Api as default: "AuthServer": { "Authority": "https://ebiz-devapi.abc.com", "RequireHttpsMetadata": "true", "SwaggerClientId": "eBiz_Swagger_Ubuntu" } When login it show this error: If I changed RequireHttpsMetadata to false and Auth Server Url withou https, when Blazor login will show this error and cannot login:

Please help me to fix this issue. Thanks Dharma


19 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    Please share the logs of 400 error.

    You should use https.

    liming.ma@volosoft.com

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    Can you set the log level to Debug and share the logs.txt file?

    Thanks

    public async static Task<int> Main(string[] args)
    {
        Log.Logger = new LoggerConfiguration()
            .MinimumLevel.Debug()
            .Enrich.FromLogContext()
            .WriteTo.Async(c => c.File("Logs/logs.txt"))
            .WriteTo.Async(c => c.Console())
            .CreateLogger();
    
  • User Avatar
    0
    hanntd created

    Hi, I deployed my project to nginx on ubuntu for both Blazor and Api. It didn't record log to Logs folder in side Api folder. I have sent the log file (configured in conf of nginx) to your email. Thanks, Dharma

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    Please set the log level to Debug and share the logs of AuthServer and API website.

  • User Avatar
    0
    hanntd created

    I changed log level as you advised and sent the log to you already. Thanks, Dharma

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi hanntd

    There is no help info in your logs.

    Please write the logs to logs.txt and share the logs of https://ebiz-devapi.abc.com website.

    Thanks

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    Hi Maliming, When hosting on ubuntu (nginx) I didn't find any log file in side Logs of HttpApi.Host, I can only get the log file from /log/nginx/... so I cannot get the logs.txt as you mentioned Thanks

    Please share the Program.cs of your ebiz-devapi.abc website.

  • User Avatar
    0
    hanntd created

    I have sent Program.cs to your email. Thanks.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    Your logs file exists on Logs/logs.txt, Please check the publish folder of your website.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    System.IO.FileNotFoundException: Signing Certificate couldn't found: /var/www/ebiz/api/authserver.pfx

    Please check the file.

    MessageText: relation "AbpBackgroundJobs" does not exist

    Have you change the TablePrefix ?

  • User Avatar
    0
    hanntd created

    Hi, The file authserver.pfx already exist:

    I also didn't change AbpBackgroundJobs:

    There is no-error if I host on IIS Windows Server for the same release. Thanks, Dharma

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    ok, Please remove the logs.txt and restart the website, then share the logs again. Thanks

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    Let me check it remotely. Thanks Join and share your screen. https://us05web.zoom.us/j/85451578578?pwd=vb4VkbCXwW0IIh2GaBAriuIHoG6g5c.1

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    btw, Your current log level is Info You need to set it as Debug

    Please reshare the logs. Thanks again.

  • User Avatar
    0
    hanntd created

    Hi, Sorry, I'm in the meeting so I cannot join Zoom to share screen for your right now. I already changed Log Level to debug and resend the log to your email. Thanks, Dharma

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    The event OpenIddict.Server.OpenIddictServerEvents+ProcessRequestContext was marked as rejected by OpenIddict.Server.AspNetCore.OpenIddictServerAspNetCoreHandlers+ValidateTransportSecurityRequirement.

    Request starting HTTP/1.1 GET http:// ebiz-devapi.hqsoft.vn/connect/authorize?response_t

    1. use https for your websites.
    Configure<OpenIddictServerAspNetCoreBuilder>(configure =>
    {
        configure.DisableTransportSecurityRequirement();
    });
    
  • User Avatar
    0
    hanntd created

    Hi, I have checked, the configurations as you mentioned already existed in my code before. Still with this release can run properly on IIS hosting: On Nginx, it still show Swagger page correctly: Only Error on Login page:

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    The URL in your logs is http

    Request starting HTTP/1.1 GET http://ebiz-devapi.hqsoft.vn/connect/authorize?response_t

    Please check your Nginx configuration.

    You can add a middleware to set the Scheme tohttps in your websites.

    https://learn.microsoft.com/en-us/aspnet/core/host-and-deploy/proxy-load-balancer?view=aspnetcore-7.0#when-it-isnt-possible-to-add-forwarded-headers-and-all-requests-are-secure

  • User Avatar
    0
    hanntd created

    Thanks Maliming, Finally, I resolved my problem by fixing nginx configuration as you advised. Thanks, Dharma

Made with ❤️ on ABP v9.1.0-preview. Updated on November 11, 2024, 11:11