Activities of "dvillena.cp"

Hi, It seems we’re still having the same issue because a user logged in and got the 400 error immediately. I’ve sent you the Identity logs from the moment the error occurred.

2026-02-18 08:10:38.303 +01:00 [WRN] Ldap login feature is not enabled!
2026-02-18 08:10:38.304 +01:00 [WRN] OAuth login feature is not enabled!
2026-02-18 08:10:38.397 +01:00 [INF] Executed action method Volo.Abp.OpenIddict.Controllers.TokenController.HandleAsync (Volo.Abp.OpenIddict.AspNetCore), returned result Microsoft.AspNetCore.Mvc.SignInResult in 94.5037ms.
2026-02-18 08:10:38.398 +01:00 [INF] Executing SignInResult with authentication scheme (OpenIddict.Server.AspNetCore) and the following principal: System.Security.Claims.ClaimsPrincipal.
2026-02-18 08:10:38.414 +01:00 [INF] Executed action Volo.Abp.OpenIddict.Controllers.TokenController.HandleAsync (Volo.Abp.OpenIddict.AspNetCore) in 112.8529ms
2026-02-18 08:10:38.415 +01:00 [INF] Executed endpoint 'Volo.Abp.OpenIddict.Controllers.TokenController.HandleAsync (Volo.Abp.OpenIddict.AspNetCore)'
2026-02-18 08:10:38.433 +01:00 [INF] Request finished HTTP/1.1 POST https://extranetidentity.cincaporc.com/connect/token application/x-www-form-urlencoded 123 - 200 1548 application/json;charset=UTF-8 147.8813ms
2026-02-18 08:10:57.750 +01:00 [INF] Request starting HTTP/1.1 POST https://extranetidentity.cincaporc.com/connect/introspect application/x-www-form-urlencoded 1673
2026-02-18 08:10:57.763 +01:00 [INF] Request finished HTTP/1.1 POST https://extranetidentity.cincaporc.com/connect/introspect application/x-www-form-urlencoded 1673 - 200 302 application/json;charset=UTF-8 13.0180ms
2026-02-18 08:10:57.938 +01:00 [INF] Request starting HTTP/1.1 POST https://extranetidentity.cincaporc.com/connect/introspect application/x-www-form-urlencoded 1673
2026-02-18 08:10:57.944 +01:00 [INF] Request starting HTTP/1.1 POST https://extranetidentity.cincaporc.com/connect/introspect application/x-www-form-urlencoded 1673
2026-02-18 08:10:57.946 +01:00 [INF] Request starting HTTP/1.1 POST https://extranetidentity.cincaporc.com/connect/introspect application/x-www-form-urlencoded 1673
2026-02-18 08:10:57.955 +01:00 [INF] Request finished HTTP/1.1 POST https://extranetidentity.cincaporc.com/connect/introspect application/x-www-form-urlencoded 1673 - 200 302 application/json;charset=UTF-8 17.2025ms
2026-02-18 08:10:57.956 +01:00 [INF] Request finished HTTP/1.1 POST https://extranetidentity.cincaporc.com/connect/introspect application/x-www-form-urlencoded 1673 - 200 302 application/json;charset=UTF-8 12.7770ms
2026-02-18 08:10:57.963 +01:00 [INF] Request finished HTTP/1.1 POST https://extranetidentity.cincaporc.com/connect/introspect application/x-www-form-urlencoded 1673 - 200 302 application/json;charset=UTF-8 16.9383ms
2026-02-18 08:10:58.018 +01:00 [INF] Request starting HTTP/1.1 GET https://extranetidentity.cincaporc.com/api/account/profile-picture-file/160cb32b-0828-695f-edc4-3a08d7705fcb?api-version=1.0 - -
2026-02-18 08:10:58.019 +01:00 [INF] Executing endpoint 'Volo.Abp.Account.AccountController.GetProfilePictureFileAsync (Volo.Abp.Account.Pro.Public.HttpApi)'
2026-02-18 08:10:58.019 +01:00 [INF] Route matched with {area = "account", action = "GetProfilePictureFile", controller = "Account", page = ""}. Executing controller action with signature System.Threading.Tasks.Task`1[Volo.Abp.Content.IRemoteStreamContent] GetProfilePictureFileAsync(System.Guid) on controller Volo.Abp.Account.AccountController (Volo.Abp.Account.Pro.Public.HttpApi).
2026-02-18 08:10:58.022 +01:00 [INF] Executing action method Volo.Abp.Account.AccountController.GetProfilePictureFileAsync (Volo.Abp.Account.Pro.Public.HttpApi) - Validation state: "Valid"
2026-02-18 08:10:58.023 +01:00 [INF] Executed action method Volo.Abp.Account.AccountController.GetProfilePictureFileAsync (Volo.Abp.Account.Pro.Public.HttpApi), returned result Microsoft.AspNetCore.Mvc.ObjectResult in 0.9072ms.
2026-02-18 08:10:58.024 +01:00 [INF] Executing ObjectResult, writing value of type 'Volo.Abp.Content.RemoteStreamContent'.
2026-02-18 08:10:58.024 +01:00 [INF] Executed action Volo.Abp.Account.AccountController.GetProfilePictureFileAsync (Volo.Abp.Account.Pro.Public.HttpApi) in 4.3813ms
2026-02-18 08:10:58.024 +01:00 [INF] Executed endpoint 'Volo.Abp.Account.AccountController.GetProfilePictureFileAsync (Volo.Abp.Account.Pro.Public.HttpApi)'
2026-02-18 08:10:58.024 +01:00 [INF] Request finished HTTP/1.1 GET https://extranetidentity.cincaporc.com/api/account/profile-picture-file/160cb32b-0828-695f-edc4-3a08d7705fcb?api-version=1.0 - - - 200 2939 image/jpeg 6.5757ms
2026-02-18 08:10:58.188 +01:00 [INF] Request starting HTTP/1.1 POST https://extranetidentity.cincaporc.com/connect/introspect application/x-www-form-urlencoded 1673
2026-02-18 08:10:58.201 +01:00 [INF] Request finished HTTP/1.1 POST https://extranetidentity.cincaporc.com/connect/introspect application/x-www-form-urlencoded 1673 - 200 302 application/json;charset=UTF-8 12.8679ms
2026-02-18 08:10:58.420 +01:00 [INF] Request starting HTTP/1.1 POST https://extranetidentity.cincaporc.com/connect/token application/x-www-form-urlencoded 123
2026-02-18 08:10:58.435 +01:00 [INF] Executing endpoint 'Volo.Abp.OpenIddict.Controllers.TokenController.HandleAsync (Volo.Abp.OpenIddict.AspNetCore)'
2026-02-18 08:10:58.435 +01:00 [INF] Route matched with {action = "Handle", controller = "Token", area = "", page = ""}. Executing controller action with signature System.Threading.Tasks.Task`1[Microsoft.AspNetCore.Mvc.IActionResult] HandleAsync() on controller Volo.Abp.OpenIddict.Controllers.TokenController (Volo.Abp.OpenIddict.AspNetCore).
2026-02-18 08:10:58.436 +01:00 [INF] Executing action method Volo.Abp.OpenIddict.Controllers.TokenController.HandleAsync (Volo.Abp.OpenIddict.AspNetCore) - Validation state: "Valid"
2026-02-18 08:10:58.437 +01:00 [WRN] Ldap login feature is not enabled!
2026-02-18 08:10:58.438 +01:00 [WRN] OAuth login feature is not enabled!
2026-02-18 08:10:58.542 +01:00 [INF] Executed action method Volo.Abp.OpenIddict.Controllers.TokenController.HandleAsync (Volo.Abp.OpenIddict.AspNetCore), returned result Microsoft.AspNetCore.Mvc.SignInResult in 105.92ms.
2026-02-18 08:10:58.543 +01:00 [INF] Executing SignInResult with authentication scheme (OpenIddict.Server.AspNetCore) and the following principal: System.Security.Claims.ClaimsPrincipal.
2026-02-18 08:10:58.559 +01:00 [INF] Executed action Volo.Abp.OpenIddict.Controllers.TokenController.HandleAsync (Volo.Abp.OpenIddict.AspNetCore) in 123.946ms
2026-02-18 08:10:58.559 +01:00 [INF] Executed endpoint 'Volo.Abp.OpenIddict.Controllers.TokenController.HandleAsync (Volo.Abp.OpenIddict.AspNetCore)'
2026-02-18 08:10:58.572 +01:00 [INF] Request finished HTTP/1.1 POST https://extranetidentity.cincaporc.com/connect/token application/x-www-form-urlencoded 123 - 200 1548 application/json;charset=UTF-8 152.3619ms
2026-02-18 08:10:58.652 +01:00 [INF] Request starting HTTP/1.1 POST https://extranetidentity.cincaporc.com/connect/token application/x-www-form-urlencoded 123
2026-02-18 08:10:58.668 +01:00 [INF] Executing endpoint 'Volo.Abp.OpenIddict.Controllers.TokenController.HandleAsync (Volo.Abp.OpenIddict.AspNetCore)'
2026-02-18 08:10:58.668 +01:00 [INF] Route matched with {action = "Handle", controller = "Token", area = "", page = ""}. Executing controller action with signature System.Threading.Tasks.Task`1[Microsoft.AspNetCore.Mvc.IActionResult] HandleAsync() on controller Volo.Abp.OpenIddict.Controllers.TokenController (Volo.Abp.OpenIddict.AspNetCore).
2026-02-18 08:10:58.669 +01:00 [INF] Executing action method Volo.Abp.OpenIddict.Controllers.TokenController.HandleAsync (Volo.Abp.OpenIddict.AspNetCore) - Validation state: "Valid"
2026-02-18 08:10:58.670 +01:00 [WRN] Ldap login feature is not enabled!
2026-02-18 08:10:58.671 +01:00 [WRN] OAuth login feature is not enabled!
2026-02-18 08:10:58.764 +01:00 [INF] Executed action method Volo.Abp.OpenIddict.Controllers.TokenController.HandleAsync (Volo.Abp.OpenIddict.AspNetCore), returned result Microsoft.AspNetCore.Mvc.SignInResult in 94.95ms.
2026-02-18 08:10:58.765 +01:00 [INF] Executing SignInResult with authentication scheme (OpenIddict.Server.AspNetCore) and the following principal: System.Security.Claims.ClaimsPrincipal.
2026-02-18 08:10:58.776 +01:00 [INF] Request starting HTTP/1.1 POST https://extranetidentity.cincaporc.com/connect/token application/x-www-form-urlencoded 123
2026-02-18 08:10:58.783 +01:00 [INF] Executed action Volo.Abp.OpenIddict.Controllers.TokenController.HandleAsync (Volo.Abp.OpenIddict.AspNetCore) in 114.2755ms
2026-02-18 08:10:58.783 +01:00 [INF] Executed endpoint 'Volo.Abp.OpenIddict.Controllers.TokenController.HandleAsync (Volo.Abp.OpenIddict.AspNetCore)'
2026-02-18 08:10:58.791 +01:00 [INF] Executing endpoint 'Volo.Abp.OpenIddict.Controllers.TokenController.HandleAsync (Volo.Abp.OpenIddict.AspNetCore)'
2026-02-18 08:10:58.792 +01:00 [INF] Route matched with {action = "Handle", controller = "Token", area = "", page = ""}. Executing controller action with signature System.Threading.Tasks.Task`1[Microsoft.AspNetCore.Mvc.IActionResult] HandleAsync() on controller Volo.Abp.OpenIddict.Controllers.TokenController (Volo.Abp.OpenIddict.AspNetCore).
2026-02-18 08:10:58.792 +01:00 [INF] Executing action method Volo.Abp.OpenIddict.Controllers.TokenController.HandleAsync (Volo.Abp.OpenIddict.AspNetCore) - Validation state: "Valid"
2026-02-18 08:10:58.793 +01:00 [WRN] Ldap login feature is not enabled!
2026-02-18 08:10:58.794 +01:00 [WRN] OAuth login feature is not enabled!
2026-02-18 08:10:58.796 +01:00 [INF] Request finished HTTP/1.1 POST https://extranetidentity.cincaporc.com/connect/token application/x-www-form-urlencoded 123 - 200 1548 application/json;charset=UTF-8 144.2937ms
2026-02-18 08:10:58.883 +01:00 [INF] Executed action method Volo.Abp.OpenIddict.Controllers.TokenController.HandleAsync (Volo.Abp.OpenIddict.AspNetCore), returned result Microsoft.AspNetCore.Mvc.SignInResult in 91.3788ms.
2026-02-18 08:10:58.884 +01:00 [INF] Executing SignInResult with authentication scheme (OpenIddict.Server.AspNetCore) and the following principal: System.Security.Claims.ClaimsPrincipal.
2026-02-18 08:10:58.902 +01:00 [INF] Executed action Volo.Abp.OpenIddict.Controllers.TokenController.HandleAsync (Volo.Abp.OpenIddict.AspNetCore) in 110.2148ms
2026-02-18 08:10:58.902 +01:00 [INF] Executed endpoint 'Volo.Abp.OpenIddict.Controllers.TokenController.HandleAsync (Volo.Abp.OpenIddict.AspNetCore)'
2026-02-18 08:10:58.915 +01:00 [INF] Request finished HTTP/1.1 POST https://extranetidentity.cincaporc.com/connect/token application/x-www-form-urlencoded 123 - 200 1548 application/json;charset=UTF-8 139.6083ms
2026-02-18 08:11:16.761 +01:00 [INF] Request starting HTTP/1.1 POST https://extranetidentity.cincaporc.com/connect/introspect application/x-www-form-urlencoded 1673
2026-02-18 08:11:16.774 +01:00 [INF] Request finished HTTP/1.1 POST https://extranetidentity.cincaporc.com/connect/introspect application/x-www-form-urlencoded 1673 - 200 302 application/json;charset=UTF-8 13.7022ms
2026-02-18 08:11:20.037 +01:00 [INF] Request starting HTTP/1.1 GET https://extranetidentity.azurewebsites.net/health - -
2026-02-18 08:11:20.039 +01:00 [INF] Executing endpoint 'HTTP: GET /health'
2026-02-18 08:11:20.039 +01:00 [INF] Writing value of type 'System.String' with status code '200

Hi, it looks good. I’ve been testing it and it’s working. I’ll deploy the code to the prod environment tomorrow and test it to make sure everything works fine. Should we leave what we did earlier as it is, or should I remove it and keep only this line of code?

[maliming] said: You can try disabling the AntiforgeryToken for the login page in the authserver project.

context.Services.AddRazorPages(options => 
{ 
    options.Conventions.AddPageApplicationModelConvention("/Account/Login", model => 
    { 
        model.Filters.Add(new IgnoreAntiforgeryTokenAttribute()); 
    }); 
}); 

About that, which part is it exactly? I can’t find where we have that code. And regarding the logs, do you want me to send you the logs after you tested it with Identity?

Hello, How’s it going?

You need to have both URLs open in your browser, https://extranet-dev.cincaporc.com/ and https://integradosapp-dev.cincaporc.com/ , and stay on the login page for about 30–40 minutes to be sure. After that, log in to either one — it will work fine. Then log in to the other one, and the 400 error will appear. Do you have any questions?

Web: https://extranet-dev.cincaporc.com/ Public.Web: https://integradosapp-dev.cincaporc.com/

I’ve already sent you the email, but it only includes logs from web, because there was nothing from web public.

Hi, I’ve looked at the code and I have it like this.

public static async Task<int> Main(string[] args)
{
    Log.Logger = new LoggerConfiguration()
#if DEBUG
        .MinimumLevel.Debug()
#else
        .MinimumLevel.Debug()
#endif
        .Enrich.FromLogContext()
        .WriteTo.Async(c => c.File(
            "Logs/logs.txt",
            outputTemplate:
            "{Timestamp:yyyy-MM-dd HH:mm:ss.fff zzz} [{Level:u3}] [{UserId}] [{UserName}] {Message:lj}{NewLine}{Exception}",
            rollingInterval: RollingInterval.Day,
            retainedFileCountLimit: 30,
            rollOnFileSizeLimit: true,
            fileSizeLimitBytes: 52428800))
#if DEBUG
        .WriteTo.Async(c => c.Console())
#endif
        .CreateLogger();

Hi, I’ve run it again. On one it works fine, but the other gives me a 400 error. I’ve checked, and there’s no useful information in the logs.

I’ve already sent you the logs in the email.