My server i see the for web and APIhost that scope as profie,email etc and MyprojectName - which i believe acts as the scope for complete project resources(apis,pages etc).
Now i have two questions: 1. How can i create a scope for certain resources like to a specific controller 2. I have a machine to server communication, where i dont have userlogged in and i need to handle the secure api communication/authorization based on the machine identity. How can i user openid/autheserver to handle this scenario in abp.
hi
openid client credentials are not created in the tenant
The openiddict application/client should always store on Host database.
Tommorow if i create a tenant for customer, Should i not give the tenant admin provision to add openid applications/clients ??
showing invalid certificate but it is showing as valid certificate for web.xyx.com
Your HTTPS certification should contain the
*.web.xyx.com.
Rather than having multilevel subdomains, if i use three certificates for api,authserver and web and create a tenant test, will abp support test.api.com -> test.authserver.com -> test.web.com tenant resolution?
acme.sh --issue --dns dns_cf -d getabp.net -d '*.getabp.net' -d '*.api.getabp.net' -d '*.ids.getabp.net' -d '*.ng.getabp.net' -d '*.web.getabp.net'
I have configured the widl card i.e., *.xyz.com to my server as follows
API Host - api.xyz.com AuthServer - auth.xyz.com WebServer - web.xyz.com
I have observerd two issues here
Should i take three different certiifcate like *.apimyproduct.com , *.authmyproduct.com etc.
Can you help us what should be the preffered way to host the applications in the multi tenant context.
Thanks, i got the issue. Issue seems to be with Rabbitmq for some reason.
Altough i have configured the rabbitmq, application is not able to connect on 5672. Altough i didnt see any issue while debug, insertasync is throwing an expection after some time saying "not able to reach specific endpoint" rabbitmq server etc..,
Once i fix the rabbitmq connection, im able see users in the DB
If possible, I would like to connect with you and share the screen, so that we can have better context of it.
Hi , I could debug it, as i see the all the line are getting executed, and i even see the identityuser object response from the insert function.
What should i log to get more information.
Thanks
This is in UserDirectoryService in application layer
public virtual async Task<ADBaseResponse> ImportUsersAsync(ADUserObjectInputArgs input)
{
//Enqueue job with delay and priority
if(input.TenantId == null)
{
input.TenantId = this.CurrentTenant.Id;
}
await _backgroundJobManager.EnqueueAsync<ADUserObjectInputArgs>(input, BackgroundJobPriority.Normal);
return new ADBaseResponse() { Status = true, Message = "Users Syncing Initiated" };
}
**Backgroundjob: which is in domain layer**
[DisallowConcurrentExecution]
public class ADUsersManualSyncJob : AsyncBackgroundJob<ADUserObjectInputArgs>, ITransientDependency
{
//private readonly ICancellationTokenProvider _cancellationTokenProvider;
protected UserDirectoryManager UserDirectoryManager;
protected UserDirectoryFilterManager UserDirectoryFilterManager;
private readonly ADManagerService ADManagerServices;
protected UserManagementService UserManagementServices;
public ADUsersManualSyncJob(
//ICancellationTokenProvider cancellationTokenProvider,
UserDirectoryManager userDirectoryManager,
UserDirectoryFilterManager userDirectoryFilterManager, ADManagerService aDManagerService, UserManagementService userManagementServices
)
{
//_cancellationTokenProvider = cancellationTokenProvider;
UserDirectoryManager = userDirectoryManager;
UserDirectoryFilterManager = userDirectoryFilterManager;
ADManagerServices = aDManagerService;
UserManagementServices = userManagementServices;
}
[UnitOfWork]
public override async Task ExecuteAsync(ADUserObjectInputArgs args)
{
//_cancellationTokenProvider.Token.ThrowIfCancellationRequested();
var directoryServiceData = await UserDirectoryManager.GetDirectoryById(args.DirectoryId);
if (directoryServiceData != null)
{
var resp = await ProcessAsync(userData, args.TenantId, userInfo.UserAttributes); // code omitted for brevity
if(resp == null)
{
//TODO...
}var
}
}
private async Task<IdentityUser> ProcessAsync(CreateUserorUpdateInput input, Guid? tenantId, IDictionary<string, string> additionalAttributes)
{
//TODO...
var userInfo = await UserManagementServices.CreateUserAsync(input, tenantId, additionalAttributes);
return userInfo;
// need to call the create user function to onboard the user from Usermanagement Services...
}
**this is the create user function which is in user management service manager which is in domain layer**
************************************************************************************************************************************************
public class UserManagementService : ITransientDependency
{
protected IdentityUserManager _userManager { get; }
private readonly IIdentityRoleRepository RoleRepository;
private readonly IIdentityUserRepository _xSenseIdentityUserRepository;
protected UserDirectoryManager _userDirectoryManager { get; }
protected IOptions<IdentityOptions> IdentityOptions { get; }
public UserManagementService(IdentityUserManager userManager, IIdentityRoleRepository roleRepository, UserDirectoryManager userDirectoryManager,
IIdentityUserRepository xSenseIdentityUserRepository)
{
_userDirectoryManager = userDirectoryManager;
_userManager = userManager;
RoleRepository = roleRepository;
_xSenseIdentityUserRepository = xSenseIdentityUserRepository;
}
public bool CanCreateUserAsync(Guid? input)
{
try
{
return true;
}
catch (Exception ex)
{
return false;
}
}
[UnitOfWork]
public async Task<IdentityUser> CreateUserAsync(CreateUserorUpdateInput input,Guid? tenantId,IDictionary<string,string> additionalAttributes = null)
{
try
{
if(CanCreateUserAsync(tenantId))
{
var user = new IdentityUser(
input.Id,
input.UserName,
input.Email,
tenantId)
{
IsExternal = true,
Surname = input.Surname,
Name = input.Name
};
user.SetIsActive(true);
user.SetPhoneNumber(input.PhoneNumber, false);
user.SetEmailConfirmed(input.EmailConfirmed);
user.SetPhoneNumberConfirmed(input.PhoneNumberConfirmed);
user.SetDirectoryId(input.DirectoryId);
var dirObj = await _userDirectoryManager.GetDirectoryById(input.DirectoryId);
user.SetDirectoryName(dirObj.Name);
user.SetDirectoryType(dirObj.Type);
input.MapExtraPropertiesTo(user);
if(input.Password == null)
{
input.Password = user.Id.ToString();
}
var roleeNames = RoleRepository.GetListAsync().Result.Where(r => r.IsDefault == true).Select(r => r.Name).ToArray();
foreach (var item in additionalAttributes)
{
user.SetExtraProperties(item.Key, item.Value);
}
user.SetExtraProperties("FilterId", input.FilterId.ToString());
if(user != null)
{
var userResp = await _xSenseIdentityUserRepository.InsertAsync(user);~~~~
return userResp;
}
else
{
return null;
}
}
else
{
return null;
}
}
catch (Exception ex)
{
return null;
}
}
}
Now the issue is, users are not getting created in database, even though i dont see any excption in the entire flow.
One more observation is the same code is working in a different machine. I want to understand what could be the issue.
Altough i have used Quartz for background job implementation, i have also have rabbitmq settings in the appsettings but have an issue connecting to rabbitmqserver . Hope that wont be an issue.
Hi
I have configured the filebased documentation on ABP version 7.0.0. I could view the documentation.
When i run in debug mode and updating the doc source it is updating instantly after page refresh.
But when i deploy the same in IIS and trying to change the docs source in the server, it is not reflecting.
Can you help me understand what the reason for it ?