Activities of "castcrewit"
Thank You @ahmedtfarukulu. This is the kind of explanation I was looking for and upon reading we cleared the Redis and it solved the problem. I never knew there was any dependency on Redis Cache for Data Seeding as its just a cache so never thought Redis would introduce issues like this. However we were able to solve it and we are now able to access everything.
BUT then we ran across another issue related to Impersonating to a Tenant using Login With this Tenant. We literally scratched our heads as all permissions were set up correctly as well as the Grants. It consistently complained that permission was missing . We then came across this document and tried to implement what's been referred here : https://abp.io/docs/commercial/8.1/modules/account/impersonation
Then we were able to make it work. But the documentation says its enabled by default above 5.0 which is not correct as we had to change the code.
Now we are running into another issue and below is the screenshot which is self explanatory :
Can you please help us identifying or letting us know what needs to be changed. Why its appearing to be a text box, it should rather show a list of users as this tenant has 2 users
@maiiming whats the next steps ? This issue has been opened since 8 days and constant back and forth has been happening but we are unable to come to any conclusive reason. I have already shared the code in the past and bunch of logs. Please escalate this issue to the next level as we are looking for a solution as soon as possible.
One thing we are noticing is this :
fail: Volo.Abp.PermissionManagement.AbpPermissionManagementDomainModule[0]
Unknown database 'PSLWeb_dev3_Administration'
MySqlConnector.MySqlException (0x80004005): Unknown database 'PSLWeb_dev3_Administration'
at MySqlConnector.Core.ServerSession.ReceiveReplyAsync(IOBehavior ioBehavior, CancellationToken cancellationToken) in /_/src/MySqlConnector/Core/ServerSession.cs:line 894
at MySqlConnector.Core.ServerSession.ConnectAsync(ConnectionSettings cs, MySqlConnection connection, Int64 startingTimestamp, ILoadBalancer loadBalancer, Activity activity, IOBehavior ioBehavior, CancellationToken cancellationToken) in /_/src/MySqlConnector/Core/ServerSession.cs:line 532
at MySqlConnector.Core.ConnectionPool.ConnectSessionAsync(MySqlConnection connection, Action`4 logMessage, Int64 startingTimestamp, Activity activity, IOBehavior ioBehavior, CancellationToken cancellationToken) in /_/src/MySqlConnector/Core/ConnectionPool.cs:line 428
at MySqlConnector.Core.ConnectionPool.ConnectSessionAsync(MySqlConnection connection, Action`4 logMessage, Int64 startingTimestamp, Activity activity, IOBehavior ioBehavior, CancellationToken cancellationToken) in /_/src/MySqlConnector/Core/ConnectionPool.cs:line 433
at MySqlConnector.Core.ConnectionPool.GetSessionAsync(MySqlConnection connection, Int64 startingTimestamp, Int32 timeoutMilliseconds, Activity activity, IOBehavior ioBehavior, CancellationToken cancellationToken) in /_/src/MySqlConnector/Core/ConnectionPool.cs:line 111
at MySqlConnector.Core.ConnectionPool.GetSessionAsync(MySqlConnection connection, Int64 startingTimestamp, Int32 timeoutMilliseconds, Activity activity, IOBehavior ioBehavior, CancellationToken cancellationToken) in /_/src/MySqlConnector/Core/ConnectionPool.cs:line 144
at MySqlConnector.MySqlConnection.CreateSessionAsync(ConnectionPool pool, Int64 startingTimestamp, Activity activity, Nullable`1 ioBehavior, CancellationToken cancellationToken) in /_/src/MySqlConnector/MySqlConnection.cs:line 919
at MySqlConnector.MySqlConnection.OpenAsync(Nullable`1 ioBehavior, CancellationToken cancellationToken) in /_/src/MySqlConnector/MySqlConnection.cs:line 419
at Microsoft.EntityFrameworkCore.Storage.RelationalConnection.OpenInternalAsync(Boolean errorsExpected, CancellationToken cancellationToken)
at Microsoft.EntityFrameworkCore.Storage.RelationalConnection.OpenInternalAsync(Boolean errorsExpected, CancellationToken cancellationToken)
at Microsoft.EntityFrameworkCore.Storage.RelationalConnection.OpenAsync(CancellationToken cancellationToken, Boolean errorsExpected)
at Pomelo.EntityFrameworkCore.MySql.Storage.Internal.MySqlRelationalConnection.OpenAsync(CancellationToken cancellationToken, Boolean errorsExpected)
at Microsoft.EntityFrameworkCore.Storage.RelationalCommand.ExecuteReaderAsync(RelationalCommandParameterObject parameterObject, CancellationToken cancellationToken)
at Microsoft.EntityFrameworkCore.Query.Internal.SplitQueryingEnumerable`1.AsyncEnumerator.InitializeReaderAsync(AsyncEnumerator enumerator, CancellationToken cancellationToken)
at Pomelo.EntityFrameworkCore.MySql.Storage.Internal.MySqlExecutionStrategy.ExecuteAsync[TState,TResult](TState state, Func`4 operation, Func`4 verifySucceeded, CancellationToken cancellationToken)
at Microsoft.EntityFrameworkCore.Query.Internal.SplitQueryingEnumerable`1.AsyncEnumerator.MoveNextAsync()
at Microsoft.EntityFrameworkCore.EntityFrameworkQueryableExtensions.ToListAsync[TSource](IQueryable`1 source, CancellationToken cancellationToken)
at Microsoft.EntityFrameworkCore.EntityFrameworkQueryableExtensions.ToListAsync[TSource](IQueryable`1 source, CancellationToken cancellationToken)
at Volo.Abp.Domain.Repositories.EntityFrameworkCore.EfCoreRepository`2.GetListAsync(Boolean includeDetails, CancellationToken cancellationToken)
at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo)
at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapterWithReturnValue`1.ProceedAsync()
at Volo.Abp.Uow.UnitOfWorkInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
at Volo.Abp.PermissionManagement.DynamicPermissionDefinitionStore.UpdateInMemoryStoreCache()
at Volo.Abp.PermissionManagement.DynamicPermissionDefinitionStore.EnsureCacheIsUptoDateAsync()
at Volo.Abp.PermissionManagement.DynamicPermissionDefinitionStore.GetGroupsAsync()
at Volo.Abp.PermissionManagement.AbpPermissionManagementDomainModule.PreCacheDynamicPermissionsAsync(PermissionManagementOptions options, IServiceScope scope)
fail: Volo.Abp.PermissionManagement.AbpPermissionManagementDomainModule[0]
---------- Exception Data ----------
Server Error Code = 1049
SqlState = 42000
There are more and you will get to see see in the logs, but the modules seeding is getting fired before the microservice migrations are being ran and that's causing the issue.
I have sent the logs for all Projects to your email. Thank you in advance for looking into it
@maliming you never responded about the second point where I mentioned clearly that I was able to overcome the seeding issue but seeing issues with redirection from Web gateway to identity apis without the token.
This issue is stopping us to move further and I think we should set up a call to discuss this. Please read some of our finding :
- When we use AWS MQ broker as our Rabbit MQ the data seeding doesn't work properly, i.e. the table like AbpPermissionGrants are getting populated while AbpPermissionGroups and AbpPermissions are not getting populated.This tells me the way the Rabbit MQ is configured and used can only be used by the data seeder but not by the underlying programs.
We have configured the Rabbit MQ this way :
if (!env.IsDevelopment())
{
Configure<AbpRabbitMqOptions>(options =>
{
options.Connections.Default.UserName = configuration["RabbitMQ:Connections:Default:UserName"];
options.Connections.Default.Password = configuration["RabbitMQ:Connections:Default:Password"];
options.Connections.Default.HostName = configuration["RabbitMQ:Connections:Default:HostName"];
options.Connections.Default.Port = 5671;
options.Connections.Default.Ssl = new RabbitMQ.Client.SslOption
{
Enabled = true,
ServerName = configuration["RabbitMQ:Connections:Default:HostName"]
};
options.Connections.Default.VirtualHost = configuration["RabbitMQ:Connections:Default:VirtualHost"];
});
}
- In order to overcome this we tried to create the database using our localhost and local RabbitMQ and the permissions are getting populated properly, then we connected the database to our hosted application. And we made sure all URLS and clientids are properly configured. However the issue still persist. The thing what we observed here is lets when we wanted to get the list of users in our angular app and we hit the web Gateway and the WebGateway returns a 301 error and then the request is transfeered to the Identity End Point , however the request doesnt contain the authroization header. When we used a post man and copied the authroization header which was sent to the WebGateway and started sending to the Identity end point everything works fine. This behavior is not seen for Audit Log or for Languages end points so those screen works properly. This behaviour is also not seen in any end point in localhost. I will be sending the HAR files to your email, but please do respond with some details, all your response has been either references to other tickets or asking for more logs. I have sent a lot of information in the past and don't mind sending if that helps.
We have an enterprise account , so if there is another way to looks at this issue privately or with more focus please let me know. Our whole development has come to a stand still as we don't want to proceed without understanding how things are working.
I also checked the same error but was confused as I was using the default admin user and this is the only user in the system. My doubts is probably not all tables are properly getting populated with the data seeding.
Do you have the list of tables that should be getting populated for an Admin user to work prooperly ?
Also where should I look for issues during data seeding ?
This issue has become a bottle neck for the project.
I was able to solve the Login issue and I am adding the code here in case any one wants to take advantage of
private void ConfigureJwtBearer(ServiceConfigurationContext context, IConfiguration configuration)
{
context.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddAbpJwtBearer(options =>
{
options.Authority = configuration["AuthServer:Authority"];
options.MetadataAddress = configuration["AuthServer:MetaAddress"]!.EnsureEndsWith('/') + ".well-known/openid-configuration";
options.RequireHttpsMetadata = Convert.ToBoolean(configuration["AuthServer:RequireHttpsMetadata"]);
options.Audience = configuration["AuthServer:Audience"];
** // IDX10204: Unable to validate issuer on K8s if not set
options.TokenValidationParameters = new TokenValidationParameters()
{
ValidIssuers = new[] { configuration["AuthServer:Authority"]!.EnsureEndsWith('/') },
// IDX10500: Signature validation failed. No security keys were provided to validate the signature on K8s
SignatureValidator = delegate (string token, TokenValidationParameters parameters)
{
var jwt = new Microsoft.IdentityModel.JsonWebTokens.JsonWebToken(token);
return jwt;
}
};
**
});
}
However I am having several CORS issue after logging in. I was able to load Audit Log page fine, but SAAS, Identity or OpenID pages are not loading.
I have sent you an email with all the logs, HAR files as well as a link to download the source code in case you want to inspect what I have configured wrong.
I have send a lot of details to shiwei.liang@volosoft.com as I couldn't upload the log because of the size restriction.
I have put the log file, HTTP Archive file so that you can import to your chrome browser and the see the traffic what I am seeing.
I have also put in a line of code I made changes as well.
Please look into this as a priority as this is holding us up to move further.
- ABP Framework version: Latest Version
- UI Type: Angular /
- Database System: MySQL
- Tiered (for MVC) or Auth Server Separated (for Angular): Auth Server Separete
- Exception message and full stack trace:
- Steps to reproduce the issue:
I am able to bring up all the microservices as well as the Angular App. When i click on Login it redirects me to the Auth Server and then it brings me back to the Angular App, and then it calls the api : https://dev.web-gateway.xxx.dev.aws.yyy.com/api/abp/application-configuration?includeLocalizationResources=false and i can see the berarer token as well , however the response i get is : "currentUser": { "isAuthenticated": false, "id": null, "tenantId": null, "impersonatorUserId": null, "impersonatorTenantId": null, "impersonatorUserName": null, "impersonatorTenantName": null, "userName": null, "name": null, "surName": null, "email": null, "emailVerified": false, "phoneNumber": null, "phoneNumberVerified": false, "roles": [], "sessionId": null },
which is probably not allowing me to login. So I am unable to understand if a valid token is passed (as i checked the token and compared with the token api) then why the response say isAuthenticated is false.