Hi, in version 9.3.2 I've found that impersonating a user through Host login (no tenant) and then saas->tenants->actions->login with this tenant gets me this error
however, if I press back twice or o clear the url in the browser (removing /Account/AccessDenied?ReturnUrl=%2FSaas%2FHost%2FTenants) and load the page I'm currently logged in correctly. I've generated the test project directly from AbpStudio modifying no code, using multitenant and one db per tenant. The feature did work in past framework releases.
thanx Rudi
1 Answer(s)
-
0
This issue occurs when impersonating a user from the Host (no tenant) and then using the "Login as this tenant" action in the SaaS module, resulting in an "Access Denied" error. However, after navigating back or clearing the URL, the impersonation works as expected.
This behavior is related to the impersonation and tenant switching flow in ABP 9.3.2. In recent ABP versions, some changes in authentication and tenant context handling may cause the impersonation state or permissions to not be fully refreshed when switching tenants, especially in Blazor Server and tiered setups.
Workarounds and checks:
- Ensure you are using the latest ABP version, as impersonation and tenant switching bugs have been fixed in recent releases.
- After impersonating, a full page reload or clearing the URL can reset the authentication/tenant context, which is why it works after you do this.
- If you have custom authentication or authorization logic, ensure it does not cache or persist the previous tenant context.
- This is a known issue in some ABP versions and is discussed in the support forums. If you need a permanent fix, consider updating to the latest ABP version or follow the related GitHub issues for patches.
For more details and updates, see:
This response was generated by AI. If it didn’t solve your problem, feel free to post a new answer — our support team will jump in to help you soon.