- ABP Framework version: v7.2.
- UI Type: MVC / Vue
- Database System: EF Core SQL Server
- Tiered (for MVC) or Auth Server Separated (for Angular): yes
- Exception message and full stack trace: N/A
- Steps to reproduce the issue:
We have implemented a microservices architecture using the ABP Commercial Microservice template. The architecture is pretty close to the Abp diagram here https://docs.abp.io/en/commercial/7.2/startup-templates/microservice/index with a few notable exceptions.
- We're not using a public gateway or application
- We have a Vue js 3 front end application that authenticates the user through the authserver using the Authorization code flow
- We have a couple of other applications that authenticate the user through the authserver using the Client credentials grant
- The Vue application and external applications access the microservices via API calls through the gateway (we use Postman to test the external application API calls)
The backend applications and gateway are running in a single Azure Kubernetes cluster. The IP address of the gateway pod is 10.1.1.21.
Regardless of which application is executing the microservice method, it appears that the IP address is address for the gateway AKS pod. The expected result would be for the IP Address to be the external IP from the user's machine. (See screenshots from the audit log below). Is this a defect or is there something we need to configure on our end?
7 Answer(s)
-
0
Hi,
Maybe you need this https://learn.microsoft.com/en-us/aspnet/core/host-and-deploy/proxy-load-balance
-
0
Could you please be more specific. Maybe I need what and where?
There are multiple topics covered in the link you provided.
-
0
You need to configure the Forward header.
https://learn.microsoft.com/en-us/aspnet/core/host-and-deploy/proxy-load-balancer?view=aspnetcore-8.0#forwarded-headers-middleware-order
-
0
Since this is C# code it's obvious in goes in a .net application. Is that in the front-end application, the ocelot gateway application or the microservice.
If it's in the front end application that won't work for us since we're using Vue for the front-end and using microservices for the backend.
-
0
Hi,
You should add it to the backend code
-
0
Hi,
I updated the program.cs in the web-gateway and in the HttpApi.Host program.cs in one of the microservices. The log is still showing the ip address of the web-gateway pod.
This is the code in the HttpApi.Host program.cs
\`\*\*using System; using System.Threading.Tasks; using Microsoft.AspNetCore.Builder; using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.Hosting; using Microsoft.AspNetCore.HttpOverrides; using CprOnAbp.Shared.Hosting.AspNetCore; using Serilog; namespace CprOnAbp.ClientService; public class Program { public async static Task Main(string[] args) { var assemblyName = typeof(Program).Assembly.GetName().Name; SerilogConfigurationHelper.Configure(assemblyName); try { Log.Information($"Starting {assemblyName}."); var builder = WebApplication.CreateBuilder(args); builder.Services.Configure<ForwardedHeadersOptions>(options => { options.ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto; }); builder.Host .AddAppSettingsSecretsJson() .UseAutofac() .UseSerilog(); await builder.AddApplicationAsync<ClientServiceHttpApiHostModule>(); var app = builder.Build(); app.UseForwardedHeaders(); await app.InitializeApplicationAsync(); await app.RunAsync(); return 0; } catch (Exception ex) { Log.Fatal(ex, $"{assemblyName} terminated unexpectedly!"); return 1; } finally { Log.CloseAndFlush(); } } } \*\*\`
-
0
Hi,
Please configure it in the
ClientServiceHttpApiHostModule
class