Blazor Web App ABP 9.2.2
On a production system, I am able to log in and use the system all ok. But often when logging back in a 403 - Forbidden: Access is denied error is given. Looking at the logs there are a bunch of "PermissionRequirement" messages.
This looks similar to this support case: https://abp.io/support/questions/8904/Returning-user-causes-permissions-to-fail-in-blazor-app
2025-08-09 15:25:11.480 +10:00 [INF] Request starting HTTP/1.1 GET https://cellero.net/Error?httpStatusCode=404 - null null 2025-08-09 15:25:11.482 +10:00 [INF] Executing endpoint 'Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController.Index (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared)' 2025-08-09 15:25:11.482 +10:00 [INF] Route matched with {action = "Index", controller = "Error", area = "", page = ""}. Executing controller action with signature System.Threading.Tasks.Task`1[Microsoft.AspNetCore.Mvc.IActionResult] Index(Int32) on controller Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared). 2025-08-09 15:25:11.482 +10:00 [INF] Executing ViewResult, running view ~/Views/Error/404.cshtml. 2025-08-09 15:25:11.484 +10:00 [INF] Authorization failed. These requirements were not met: PermissionRequirement: SettingManagement.Emailing 2025-08-09 15:25:11.484 +10:00 [INF] Authorization failed. These requirements were not met: PermissionRequirement: AbpAccount.SettingManagement 2025-08-09 15:25:11.484 +10:00 [INF] Authorization failed. These requirements were not met: PermissionRequirement: AbpIdentity.SettingManagement 2025-08-09 15:25:11.485 +10:00 [INF] Authorization failed. These requirements were not met: PermissionRequirement: AuditLogging.AuditLogs.SettingManagement 2025-08-09 15:25:11.485 +10:00 [INF] Authorization failed. These requirements were not met: PermissionRequirement: FeatureManagement.ManageHostFeatures 2025-08-09 15:25:11.485 +10:00 [INF] Authorization failed. These requirements were not met: PermissionRequirement: Saas.SettingManagement 2025-08-09 15:25:11.486 +10:00 [INF] Authorization failed. These requirements were not met: PermissionRequirement: SettingManagement.Emailing 2025-08-09 15:25:11.486 +10:00 [INF] Authorization failed. These requirements were not met: PermissionRequirement: AbpAccount.SettingManagement 2025-08-09 15:25:11.486 +10:00 [INF] Authorization failed. These requirements were not met: PermissionRequirement: AbpIdentity.SettingManagement 2025-08-09 15:25:11.486 +10:00 [INF] Authorization failed. These requirements were not met: PermissionRequirement: AuditLogging.AuditLogs.SettingManagement 2025-08-09 15:25:11.487 +10:00 [INF] Authorization failed. These requirements were not met: PermissionRequirement: FeatureManagement.ManageHostFeatures 2025-08-09 15:25:11.487 +10:00 [INF] Authorization failed. These requirements were not met: PermissionRequirement: Saas.SettingManagement 2025-08-09 15:25:11.488 +10:00 [INF] Authorization failed. These requirements were not met: PermissionRequirement: SettingManagement.Emailing 2025-08-09 15:25:11.488 +10:00 [INF] Authorization failed. These requirements were not met: PermissionRequirement: AbpAccount.SettingManagement 2025-08-09 15:25:11.488 +10:00 [INF] Authorization failed. These requirements were not met: PermissionRequirement: AbpIdentity.SettingManagement 2025-08-09 15:25:11.488 +10:00 [INF] Authorization failed. These requirements were not met: PermissionRequirement: AuditLogging.AuditLogs.SettingManagement 2025-08-09 15:25:11.488 +10:00 [INF] Authorization failed. These requirements were not met: PermissionRequirement: FeatureManagement.ManageHostFeatures 2025-08-09 15:25:11.488 +10:00 [INF] Authorization failed. These requirements were not met: PermissionRequirement: Saas.SettingManagement 2025-08-09 15:25:11.489 +10:00 [INF] Authorization failed. These requirements were not met: PermissionRequirement: SettingManagement.Emailing 2025-08-09 15:25:11.489 +10:00 [INF] Authorization failed. These requirements were not met: PermissionRequirement: AbpAccount.SettingManagement 2025-08-09 15:25:11.490 +10:00 [INF] Authorization failed. These requirements were not met: PermissionRequirement: AbpIdentity.SettingManagement 2025-08-09 15:25:11.490 +10:00 [INF] Authorization failed. These requirements were not met: PermissionRequirement: AuditLogging.AuditLogs.SettingManagement 2025-08-09 15:25:11.490 +10:00 [INF] Authorization failed. These requirements were not met: PermissionRequirement: FeatureManagement.ManageHostFeatures 2025-08-09 15:25:11.490 +10:00 [INF] Authorization failed. These requirements were not met: PermissionRequirement: Saas.SettingManagement
8 Answer(s)
-
0
- This issue is commonly caused by stale or invalid authentication/authorization cookies or tokens in Blazor Web App applications, especially after a user logs out and logs back in, or if the user's permissions/roles have changed since their last session.
- The referenced support case (https://abp.io/support/questions/8904/Returning-user-causes-permissions-to-fail-in-blazor-app) confirms that this is a known scenario in ABP Blazor applications.
Solution Steps:
Clear Cookies and Local Storage:
- Ask the affected user to clear their browser cookies and local storage for your domain, then log in again. This often resolves the issue if it is caused by stale tokens.
Ensure Claims/Permissions Are Refreshed:
- In Blazor Web App, user claims and permissions are cached on the client. If a user's roles or permissions change, or if the authentication state is not refreshed, the client may operate with outdated permissions.
- You can programmatically force a refresh of the user's claims/permissions by calling the
BlazorWebAssemblyCurrentApplicationConfigurationCacheResetService.ResetAsync()
method after login or when you detect a permission issue.
Example:
// Inject the service [Inject] private BlazorWebAssemblyCurrentApplicationConfigurationCacheResetService CacheResetService { get; set; } // Call this after login or when needed await CacheResetService.ResetAsync();
Check for Multiple Authentication Schemes:
- Ensure that your authentication configuration is not causing conflicts (e.g., multiple cookies, or mixing JWT and cookie authentication inappropriately).
Check User Role/Permission Assignments:
- Make sure the user actually has the required permissions (e.g., SettingManagement.Emailing, AbpAccount.SettingManagement, etc.) in the database.
Production Deployment:
- If you are using a load balancer or multiple servers, ensure that data protection keys and authentication settings are consistent across all instances.
Upgrade ABP:
- If you are not on the latest patch of ABP 9.x, consider upgrading, as some issues with authentication/authorization caching have been fixed in recent versions.
If the problem persists after these steps, enable detailed logging for authentication and authorization, and check for any customizations that may affect claims or permission resolution.
Sources:
- https://abp.io/support/questions/8904/Returning-user-causes-permissions-to-fail-in-blazor-app
- https://abp.io/docs/en/abp/latest/UI/Blazor/Authentication
- https://abp.io/docs/en/abp/latest/API/Application-Configuration
This response was generated by AI. If it didn’t solve your problem, feel free to post a new answer — our support team will jump in to help you soon.
-
0
-
0
-
0
-
0
hi
The error is
Could not allocate space for object 'celleron.AbpAuditLogActions'.'PK_AbpAuditLogActions' in database 'Cellero_CloudServices' because the 'PRIMARY' filegroup is full. Create disk space by deleting unneeded files, dropping objects in the filegroup, adding additional files to the filegroup, or setting autogrowth on for existing files in the filegroup.
Please check your database.
Thanks.
-
0
Ok, the database size issue has been sorted.
Can you log in then log out to experience the 403 - Forbidden: Access is denied.Thanks!
-
0
-
0