Starts in:
2 DAYS
0 HR
9 MIN
17 SEC
Starts in:
2 D
0 H
9 M
17 S

Activities of "balessi75"

Thanks as always @liangshiwei

This was very helpful!

Hi,

you can try

services.ConfigureApplicationCookie(options => 
{ 
    options.ExpireTimeSpan = TimeSpan.FromMinutes(10); 
    options.SlidingExpiration = true; 
}); 

We added this and it had no affect. The user continues to stay logged in after the specified ExpireTimeSpan. During that timespan, no requests were sent to the server.

That makes sense. Thanks @liangshiwei !!

Thanks @liangshiwei

We solved the issue by specifiying Api.* properties. It was not obvious to do this since we are using blazor server.

                            property.Api.OnGet.IsAvailable = false;
                            property.Api.OnUpdate.IsAvailable = false;
                            property.Api.OnCreate.IsAvailable = false;

Hi liangshiwei,

Thank you for the guidance. I'll be giving your approach a try...

Hi liangshiwei,

It appears the user was changing their password with the failed validation "Volo.Abp.Identity:PasswordRequiresNonAlphanumeric", yet they received the following message from abp.jquery.js.

      defaultError403: {
            message: 'You are not authorized!',
            details: 'You are not allowed to perform this operation.'
        },

We are unfamiliar with the internal jquery implementation within ABP.

Please see below for the log details and advise.

https://eiufsd.nvisiononline.net/api/account/my-profile/change-password application/json 99
2024-05-03 13:49:07.331 +00:00 [INF] (Instance: 53d7) Executing endpoint 'Volo.Abp.Account.ProfileController.ChangePasswordAsync (Volo.Abp.Account.Pro.Public.HttpApi)'
2024-05-03 13:49:07.335 +00:00 [INF] (Instance: 53d7) Route matched with {controller = "Profile", area = "account", action = "ChangePassword", page = ""}. Executing controller action with signature System.Threading.Tasks.Task ChangePasswordAsync(Volo.Abp.Account.ChangePasswordInput) on controller Volo.Abp.Account.ProfileController (Volo.Abp.Account.Pro.Public.HttpApi).
2024-05-03 13:49:07.351 +00:00 [INF] (Instance: 53d7) Executing action method Volo.Abp.Account.ProfileController.ChangePasswordAsync (Volo.Abp.Account.Pro.Public.HttpApi) - Validation state: "Valid"
2024-05-03 13:49:07.572 +00:00 [WRN] (Instance: 53d7) ---------- RemoteServiceErrorInfo ----------
{
  "code": "Volo.Abp.Identity:PasswordRequiresNonAlphanumeric",
  "message": "Passwords must have at least one non alphanumeric character.",
  "details": null,
  "data": {},
  "validationErrors": null
}

2024-05-03 13:49:07.572 +00:00 [WRN] (Instance: 53d7) Passwords must have at least one non alphanumeric character.
Volo.Abp.Identity.AbpIdentityResultException: Passwords must have at least one non alphanumeric character.
   at Microsoft.AspNetCore.Identity.AbpIdentityResultExtensions.CheckErrors(IdentityResult identityResult)
   at Volo.Abp.Account.ProfileAppService.ChangePasswordAsync(ChangePasswordInput input)
   at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous(IInvocation invocation, IInvocationProceedInfo proceedInfo)
   at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapter.ProceedAsync()
   at Volo.Abp.Authorization.AuthorizationInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
   at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync(IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
   at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous(IInvocation invocation, IInvocationProceedInfo proceedInfo)
   at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapter.ProceedAsync()
   at Volo.Abp.GlobalFeatures.GlobalFeatureInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
   at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync(IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
   at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous(IInvocation invocation, IInvocationProceedInfo proceedInfo)
   at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapter.ProceedAsync()
   at Volo.Abp.Auditing.AuditingInterceptor.ProceedByLoggingAsync(IAbpMethodInvocation invocation, AbpAuditingOptions options, IAuditingHelper auditingHelper, IAuditLogScope auditLogScope)
   at Volo.Abp.Auditing.AuditingInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
   at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync(IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
   at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous(IInvocation invocation, IInvocationProceedInfo proceedInfo)
   at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapter.ProceedAsync()
   at Volo.Abp.Features.FeatureInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
   at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync(IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
   at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous(IInvocation invocation, IInvocationProceedInfo proceedInfo)
   at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapter.ProceedAsync()
   at Volo.Abp.Validation.ValidationInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
   at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync(IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
   at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous(IInvocation invocation, IInvocationProceedInfo proceedInfo)
   at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapter.ProceedAsync()
   at Volo.Abp.Uow.UnitOfWorkInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
   at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync(IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ActionMethodExecutor.TaskResultExecutor.Execute(ActionContext actionContext, IActionResultTypeMapper mapper, ObjectMethodExecutor executor, Object controller, Object[] arguments)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeActionMethodAsync>g__Logged|12_1(ControllerActionInvoker invoker)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeNextActionFilterAsync>g__Awaited|10_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Rethrow(ActionExecutedContextSealed context)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeInnerFilterAsync>g__Awaited|13_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeNextExceptionFilterAsync>g__Awaited|26_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
2024-05-03 13:49:07.572 +00:00 [WRN] (Instance: 53d7) Code:Volo.Abp.Identity:PasswordRequiresNonAlphanumeric
2024-05-03 13:49:07.572 +00:00 [WRN] (Instance: 53d7) Details:
2024-05-03 13:49:07.575 +00:00 [INF] (Instance: 53d7) Executing ObjectResult, writing value of type 'Volo.Abp.Http.RemoteServiceErrorResponse'.
2024-05-03 13:49:07.578 +00:00 [INF] (Instance: 53d7) Executed action Volo.Abp.Account.ProfileController.ChangePasswordAsync (Volo.Abp.Account.Pro.Public.HttpApi) in 242.5297ms
2024-05-03 13:49:07.578 +00:00 [INF] (Instance: 53d7) Executed endpoint 'Volo.Abp.Account.ProfileController.ChangePasswordAsync (Volo.Abp.Account.Pro.Public.HttpApi)'
2024-05-03 13:49:07.626 +00:00 [INF] (Instance: 53d7) Request finished HTTP/1.1 POST https://eiufsd.nvisiononline.net/api/account/my-profile/change-password application/json 99 - 403 - application/json;+charset=utf-8 325.1399ms

Thanks for confirming IanW.

We came up with an approach similar to what you described.

Excellent, this was very helpful. Thanks @maliming!

Hi you can access a video using the link below...

The video shows the following...

  1. User accessing a page they have permissions to
  2. User then accessing a page they do not have permissions to
  3. User then accessing a page that does not exist

https://www.icloud.com/iclouddrive/08aBbYcniD17PdTME67mBM9RQ#Demo_CSD_-_Google_Chrome_2023-12-14_23-26-58

Item 2 is the scenario where we want to redirect to a custom access denied page.

Showing 1 to 10 of 149 entries
Made with ❤️ on ABP v9.1.0-preview. Updated on November 20, 2024, 13:06