Open Closed

Region separation of Auth Server & WebAPI and Extending User Roles #8624


User avatar
0
Navneet@aol.com.au created
  • ABP Framework version: v8.2.3
  • UI Type: MVC
  • Database System: EF Core (SQL Server, Oracle, MySQL, PostgreSQL, etc..) / MongoDB
  • Tiered (for MVC) or Auth Server Separated (for Angular): yes
  • Exception message and full stack trace:
  • Steps to reproduce the issue:

Hi Abp Team,

Due to EU regulations, I need to deploy Authserver and Web API server to one of the EU regions.

The current Setup is divided into:

  • AuthServer in Sydney Australia
  • Web API Host in Sydney Australia
  • MVC Two Application:
    • HR Module in Sydney Australia
    • Accounting Module in Sydney Australia

Question 1: Is there any way I can deploy Auth and Web Api Host in EU regions with no change to the MVC application as No data is saved in MVC, I want my MVC application to detect if the User is in from EU or Non-EU, if EU then consume EU Auth and WebApiHost, if non-EU then user Australian Auth and WebApiHost server?

Question 2: Abp permissions use only Read, Update, Delete and Create, however when a user has access to Read, it allows all users to same read, I am looking a solution for: - If the User belongs to OU Director -> Allow Access to HR and Accounting Application - If the User belongs to OU HR department -> Allow Access to full HR access. - If the User belongs to OU Accounts -> Access to Accounts full access, but HR Module -> Employees List -> Read Access to non-Director OU. - Shomehow I can user a filter in roles like (x => x.OU == "Director")

Thanks, Navneet


4 Answer(s)
  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Question 1: Is there any way I can deploy Auth and Web Api Host in EU regions with no change to the MVC application as No data is saved in MVC, I want my MVC application to detect if the User is in from EU or Non-EU, if EU then consume EU Auth and WebApiHost, if non-EU then user Australian Auth and WebApiHost server?

    You can add a middleware to update the remote service URLs dynamically

    public override void OnApplicationInitialization(ApplicationInitializationContext context)
    {
        var app = context.GetApplicationBuilder();
        var env = context.GetEnvironment();
    
        app.UseForwardedHeaders();
    
    
        app.Use(async (httpContext, next) =>
        {
            // get user region
            var cultureName = CultureInfo.CurrentCulture.Name;
            // check is user from European Union
            var isEu = cultureName == "de-DE" || cultureName == "en-GB" || cultureName == "fr-FR" || cultureName == "it-IT" || cultureName == "es-ES" || cultureName == "nl-NL" || cultureName == "pl-PL" || cultureName == "pt-PT" || cultureName == "ro-RO" || cultureName == "sv-SE" || cultureName == "cs-CZ" || cultureName == "da-DK" || cultureName == "fi-FI" || cultureName == "el-GR" || cultureName == "hu-HU" || cultureName == "lt-LT" || cultureName == "lv-LV" || cultureName == "mt-MT" || cultureName == "sk-SK" || cultureName == "sl-SI" || cultureName == "bg-BG" || cultureName == "hr-HR" || cultureName == "et-EE" || cultureName == "ga-IE";
            var options = httpContext.RequestServices.GetRequiredService<IOptions<AbpRemoteServiceOptions>>();
            if (isEu)
            {
                options.Value.RemoteServices.Default!.BaseUrl = "EuropeBaseUrl...";
            }
            else
            {
                options.Value.RemoteServices.Default!.BaseUrl = "OtherBaseUrl...";
            }
            await next();
        });
    
        ..........
    
    }
    
  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Abp permissions use only Read, Update, Delete and Create, however when a user has access to Read, it allows all users to same read, I am looking a solution for:

    you can consider to add a custom data filter:

    https://abp.io/docs/latest/framework/infrastructure/data-filtering

  • User Avatar
    0
    Navneet@aol.com.au created

    HI Liangshiwei,

    Thanks for sharing

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    :)

    Let me know if you got any problems

Boost Your Development
ABP Live Training
Packages
See Trainings
Mastering ABP Framework Book
The Official Guide
Mastering
ABP Framework
Learn More
Mastering ABP Framework Book
Made with ❤️ on ABP v10.0.0-preview. Updated on August 28, 2025, 08:29