We have a customer who has high security requirements. User authentication runs via Microsoft (AzureAD / Entra). We have configured the external Microsoft provider, which works well.
However, the problem is that the customer does not accept that the ClientId & ClientSecret are stored in plain text in the database. The option of storing this information in appsettings.json is of course even worse and therefore not an alternative.
What options would I have to store this information securely?
Of course, it would also be great if you could implement this in a future version so that the information is stored in the AbpSettings in encrypted way, for example. But until then, I need another solution as quickly as possible.
A similar question concerns the credentials of a client that accesses via the HTTP API. As background info: The client runs as a Windows service. Here ClientId & ClientSecret are currently in the appsettings.json file.
I know that there are various approaches to solving this. I would be interested to know which you think is the best option so that even an admin user with access to this file cannot read this information?
Thanks, Adrian
Steps to reproduce the issue:
Create a new Blazor Server project (with ABP Suite), set the TopMenu layout and start it. Log in and click on the dashboard. -> Breadcrumbs & title missing
Select refresh (or reload page with F5) -> Now it looks correct
Workaround for this problem:
await MyAppService.GetListAsync()
) protected override async Task OnAfterRenderAsync(bool firstRender)
{
await base.OnAfterRenderAsync(firstRender);
if (firstRender)
{
await InvokeAsync(StateHasChanged);
}
}
The problem has been known for a long time, but unfortunately it has never been fixed... #4551
Thanks for fixing it. Adrian
In the LeptonX demo you present 3 different account pages. I would like to use the "Login 3" layout for the login. How do I have to configure the application so that this is applied?
I know I read about this somewhere, but I can't find it anymore... I have searched the documentation, blogs, forum, Discord, etc. for a long time now... But it is in the demo, so it must work somehow. But how?
I'm not talking about how to create a custom layout, I know that and I can find plenty of explanations. It's about how I choose one of the 3 LeptonX layouts.
Thanks, Adrian
We have already made several ABP applications with Blazor Server (without Redis Cache). But never with the "Public Website" so far. Now we would like to integrate it and were surprised that the Redis cache is necessary here. We do not have a distributed / tiered application.
I know that this is a prerequisite for the CRM module.
I would be interested to know why the cache is absolutely necessary? What are the reasons for this? Does it have to do with the fact that the Blazor app and the public website share certain things?
I also have the question of how large the cache needs to be if I host the application on Azure... that costs extra money again...
Thanks, Adrian
1. Create a master entity in the Abp Suite
2. Generate the master (without "Add migration" - I only want to do this once I have generated all the entities correctly)
3. Create a child entity with the above master as parent
4. Generate the child -> ends with error due to DB migration
5. Compile the solution -> ends with error in DataGrid, see below
If the child entity contains properties that require a DisplayTemplate in the DataGrid (e.g. bool or DateTime), this leads to the following error when compiling:
RZ9999 The child content element 'DisplayTemplate' of component 'DataGridColumn' uses the same parameter name ('context') as enclosing child content element 'DetailRowTemplate' of component 'DataGrid'. Specify the parameter name like:
'<DisplayTemplate Context="another_name">
to resolve the ambiguity
I can solve this by writing something like <DisplayTemplate Context="option_context">
(you already do this with the actions, for example), but it is then overwritten every time I have to regenerate the entity.
With the child, there is no option to deactivate the DB migration. If you don't want this for the master, then you don't want it for the child either. In addition, because of the above error, it naturally means that a migration can never be created because of the error in the DataGrid.
Thanks for fixing and refunding it.
Adrian
1. Create an entity in the Abp Suite
2. Add property of type Enum
3. Select enum from **another namespace** (sometimes necessary if you want to use an enum for different entities)
4. Select **Nullable**
5. Generate entity and compile solution
The using for the namespace "MyProject.Enums" is missing in the razor file:
Because the enum is optional, it must be checked for null:
Thanks for fixing it :-)
Adrian
Exception message and full stack trace:
System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure: RemoteCertificateNameMismatch
Details:
We use Microsoft Azure as an external login provider. On my development system, everything works fine with the Microsoft login (with another Microsoft Entra ID instance).
When I wanted to install this on our customer's test system and tested the connection to their Entra ID, the authentication could be performed, but the above error occurred during the callback.
The customer, a large company with various security systems, then looked in the firewall and noticed that the callback from Microsoft had landed in their honeypot. He thinks that the reason is probably that the request from our application did not go through the proxy (although this is configured system-wide on the server).
Could this have something to do with the proxy and can I set it explicitly in the application? Or does it have to do with something completely different?
I have just updated to version 7.4.0. It is a Blazor server application. I am using the LeptonX theme with the TopMenu layout. Several issues have come to my attention:
When I go to an account page (click on profile picture), the menu (and profile picture) is no longer visible (in all MVC / account views).
The links "Linked accounts" & "Authority delegation" point to the "My account" page (/Account/Manage).
In mobile view (MVC) the context menu does appear, but it looks buggy.... at least not the same as in Blazor. Icons are missing, formatting is not nice and why is the profile picture and username displayed again at the bottom? Note: In the screenshot I made certain things unrecognizable ;-) MVC:
Again in the MVC context menu the selected language is either not displayed correctly (sometimes EN, although another one was selected), or even worse like on the screenshot:
I have the feeling that with every update new bugs come in with the TopMenu-Layout... have already reported many errors for this layout. It would be nice if you would test this layout a bit more.
Thanks, Adrian
I have created a new Blazor server project with the latest version 7.3.3. I use the LeptonX 2.3.3 theme with the TopMenu layout. I saw in the documentation that I can disable the breadcrumbs by doing the following:
Configure<PageHeaderOptions>(options =>
{
options.RenderBreadcrumbs = false;
});
When I look with the debugger, this value is already initialized with "false". And still the breadcrumbs are not hidden. Also the other options (PageTitle & Toolbar) do not work.
By the way, another bug with LeptonX options: I already wrote this in the thread, the options for MobileMenuSelector don't work either.... Is there any news about this? Could the bug be reproduced?
Configure<LeptonXThemeBlazorOptions>(options =>
{
options.Layout = LeptonXBlazorLayouts.TopMenu;
options.MobileMenuSelector = items => items.Where(x => x.MenuItem.Name == "Home");
});
Since I think this is a bug, I would appreciate it if you would credit me back the points.
Thanks, Adrian
I use the login with the external provider "Microsoft" (Azure AD). If the user does not exist yet, it will be registered with the email address by default. However, I would like to automatically fill the other information as well: firstname, lastname and profile picture...
How can I do this? I have tried with a custom LoginModel but have not figured out how and which method I would need to hook into.