Hi,
I get this error when running a background worker after upgrading from v7.3.0 to v9.1.0: The data you have submitted has already been changed by another user. Discard your changes and try again
I found so many questions the same as mine but could not find any answer.
at Volo.Abp.IdentityModel.IdentityModelAuthenticationService.GetAccessTokenAsync(IdentityClientConfiguration configuration)
at Volo.Abp.IdentityModel.IdentityModelAuthenticationService.GetAccessTokenOrNullAsync(String identityClientName)
at Volo.Abp.IdentityModel.IdentityModelAuthenticationService.TryAuthenticateAsync(HttpClient client, String identityClientName)
at Volo.Abp.Http.Client.IdentityModel.IdentityModelRemoteServiceHttpClientAuthenticator.Authenticate(RemoteServiceHttpClientAuthenticateContext context)
at Volo.Abp.Http.Client.IdentityModel.Web.HttpContextIdentityModelRemoteServiceHttpClientAuthenticator.Authenticate(RemoteServiceHttpClientAuthenticateContext context)
at Volo.Abp.Http.Client.ClientProxying.ClientProxyBase`1.RequestAsync(ClientProxyRequestContext requestContext)
at Volo.Abp.Http.Client.ClientProxying.ClientProxyBase`1.RequestAsync[T](ClientProxyRequestContext requestContext)
at Volo.Abp.Http.Client.ClientProxying.ClientProxyBase`1.RequestAsync[T](String methodName, ClientProxyRequestTypeValue arguments)
at MZH.MHIBS.JFSAService.TransactionReports.TransactionReportClientProxy.GenerateReportFileAsync() in ...
at MZH.MHIBS.BackgroundWorker.JFSAService.ScanReportFileWorker.SendReportFile() in ...
at MZH.MHIBS.BackgroundWorker.JFSAService.ScanReportFileWorker.Execute(IJobExecutionContext context) in ...
23 Answer(s)
-
0
The error message "The data you have submitted has already been changed by another user. Discard your changes and try again" is related to ABP's concurrency check system, which uses the ConcurrencyStamp property to prevent conflicting updates to the same data by multiple processes or users.
In ABP v9.1.0, as in previous versions, if you update an entity that implements IHasConcurrencyStamp (such as most aggregate roots), ABP will compare the ConcurrencyStamp value from your request with the current value in the database. If they do not match, an AbpDbConcurrencyException is thrown, resulting in the error you see.
This often happens in background workers or distributed systems if:
- The entity was updated by another process after you fetched it but before you saved your changes.
- The DTO or update request does not include the latest ConcurrencyStamp value.
- The background worker is using stale data or not retrieving the latest entity state before updating.
Solution Steps:
- Ensure that your update DTOs and service calls include the ConcurrencyStamp property and that you are passing the latest value from the database when performing updates.
- Before updating an entity in your background worker, always fetch the latest version from the database, including its current ConcurrencyStamp.
- If you are using custom mapping or manual update logic, make sure the ConcurrencyStamp is not being omitted or overwritten incorrectly.
- If you want to handle concurrency exceptions gracefully, catch AbpDbConcurrencyException and implement a retry or refresh logic as needed.
Example:
public async Task UpdateEntityAsync(UpdateEntityDto input) { var entity = await _repository.GetAsync(input.Id); // Map other properties entity.ConcurrencyStamp = input.ConcurrencyStamp; // Ensure this is set await _repository.UpdateAsync(entity); }If you are using CrudAppService or ICrudAppService, ensure your DTOs implement IHasConcurrencyStamp and the property is included in your update requests.
Reference Implementation:
See the official ABP concurrency check guide for a full example and best practices:- https://abp.io/community/articles/jlkc3w8f
This guide provides a step-by-step walkthrough for implementing and troubleshooting concurrency checks in ABP-based applications.
This response was generated by AI. If it didn’t solve your problem, feel free to post a new answer — our support team will jump in to help you soon.
-
0
Hi,
The log show message related to
GetAccessToken, I got 1 issue related this is: I could not increase Access Token lifetime despire of configuring in AuthServerModulePreConfigure<OpenIddictServerBuilder>(builder => { builder.SetAccessTokenLifetime(TimeSpan.FromHours(24)); });This code worked fine in v7.3.0
-
0
hi
Can you share the full error logs of the AuthServer project?
liming.ma@volosoft.com Thanks
-
0
Hi,
Already sent. Please help to check.
-
0
hi
Can you try to upgrade all abp&volo packages to the latest(9.1.3)?
Thanks.
-
0
Hi,
Is there any specific code that I can change? Because I've just upgraded to v9.1.0 and released on Production, upgrade to new version need to be tested carefully
-
0
hi
The 9.1.3 is the latest 9.1 patch version.
You can upgrade all packages to 9.1.3.
Thanks.
-
0
Hi,
What is the reason of that issue? I just want to fix only that issue firsrt, because it is on Production. Upgrade to new version will take much time.
-
0
hi
OpenIddict occasionally encounters conflicts under concurrent conditions, and we've made improvements to address this in the latest version.
Thanks.
-
0
Hi,
So, did you already fix the issue of increasing Access Token liftetime in v9.1.3?
-
0
hi
Can you check the lifetime of your OpenIddict application?
And can you share an access token?
Thanks.
-
0
I don't set token lifetime for each Application. Only set this one in AuthServerModule. It will affect for all Application, right?
PreConfigure<OpenIddictServerBuilder>(builder => { builder.SetAccessTokenLifetime(TimeSpan.FromHours(24)); });I've sent you access token via email
As you can see exp is 24hours, but still unauthorized after 1 hour
-
0
hi
Your access token is no problem. which means
builder.SetAccessTokenLifetime(TimeSpan.FromHours(24));works,but still unauthorized after 1 hour
Can you share the logs for the
unauthorizederror?See https://abp.io/support/questions/8622/How-to-enable-Debug-logs-for-troubleshoot-problems to enable debug logs.
Thanks.
-
0
Hi,
I've sent the logs. Please check.
-
0
hi
Can you set the log level to
Debugand ShowPII in theMZH.MHIBS.MaturityReportService.HttpApi.Hostproject?
Thanks.
-
0
Hi,
Please check the logs I've sent to your email. After 1 hour, I access to another page and see this in Web log:
[10:13:25 INF] Sending HTTP request POST https://authserver.upgrade-staging.mizuho.vn/api/account/dynamic-claims/refreshand K8s can not understand the domain (it should be
http://authserver-upgrade-staging/api/account/dynamic-claims/refreshfor internal call). In localhost, access token is still valid more than 1 hour -
0
hi
Can you also share the
Logs/identitymodel.txt?The authserver domain is obtained from
JwtBearerOption.AuthorityIn Kubernetes, the API website sends HTTP requests to the AuthServer, so please make sure the network is working properly.
In other words, your internal domain names are correctly accessible.
Thanks.
-
0
Hi,
Already sent
identitymodel.txt. Please check. -
0
hi
There is no error in
identitymodel.txtCan you delete the current
logs.txtandidentitymodel.txtfiles from the API wensote?Then reproduce the unauthorizederror multiple times, And share the full
logs.txtandidentitymodel.txtThanks.
-
0
Hi,
I fixed this issue by adding this code in WebModule to change Dynamic Claim URL for internal call in K8s
context.Services.Configure<AbpClaimsPrincipalFactoryOptions>(options => { options.IsDynamicClaimsEnabled = true; options.RemoteRefreshUrl = configuration["AuthServer:MetadataAddress"] + options.RemoteRefreshUrl.Replace(configuration["AuthServer:Authority"],""); --> ADDED THIS LINE });But can you explain why dynamic claim impact to Access Token lifetime?
-
0
hi
dynamic claim impact to Access Token lifetime?
The
RemoteRefreshUrldefault value will beJwtBearerOption.Authority + "/api/account/dynamic-claims/refresh"Dynamic will not change the access token lifetime. But it will make the current login state invalid if the API can't reach the AuthServer.
Therefore, your API website must communicate with the AuthServer website using
RemoteRefreshUrl.Thanks.
-
0
Hi,
So, when dynamic claim is called? Every 1 hour?
-
0
The default
CacheAbsoluteExpirationis 1 hour
