Activities of "fjinc"

hi fjinc

You can use IIdentitySessionRepository to remove all user sessions.

https://github.com/abpframework/abp/blob/dev/modules/identity/src/Volo.Abp.Identity.EntityFrameworkCore/Volo/Abp/Identity/EntityFrameworkCore/EfCoreIdentitySessionRepository.cs#L90-L94

Thanks maliming. I'm more suggesting a new ABP feature by adding to the existing setting management for Session management I'm aware we can make extensions to add this behaviour ourselves but it seems that it would be a useful feature to have for other people too.

i.e. on this session setting page, as the host tenant admin user, I can enable settings to apply for all users of all tenancies

hi fjinc

across all tenants and their users from the Host tenant?

By default, users will not be across tenants. Can you explain it in detail?

Hi maliming, What I mean is, as the Host tenant, I want to enforce all users across the application to use a specific session setting (eg 'Logout from all devices') so that I can force all the users of my application to have better security practices

At the moment, I can only enforce this for the users of my tenancy which means to enforce for users in another tenant I have to impersonate the tenant admin and set the setting. It would be useful if we can do this all from our Host tenant admin account.

Hi We've recently upgraded our ABP version to v8.2 and we're excited to try the new Session management - particularly being able to enforce all user's of the application to have only one user on one device at any time.

Our application is a tenanted one, I wonder if it would be possible to add to the Session setting page the ability to enforce the same session management across all tenants and their users from the Host tenant?

Great thank you, please let me know what version the fix will be included in.

Hi,

Yes, that's is. I will create an internal issue to fix it; thanks.

Hi liangshiwei, Has there been any update on this / eta for when it will be fixed?

I've just tested this and I'm still reproducing the error. Is your console clearing itself on being redirected? (cog -> preserve logs)

• ABP Framework version: v7.3.0 - replicable on ABP demo on 7th June 2023.
• UI type: Angular
• DB provider: Unknown
• Tiered (MVC) or Identity Server Separated (Angular): Unknown
• Steps to reproduce the issue:
  • Login as admin
  • Navigate to Saas -> Tenants -> Users
  • Select Actions -> "Login with this tenant" for any tenant
  • Login as 'admin' tenant user
  • Console throws following error: ERROR Error: Uncaught (in promise): Wrong nonce: undefined
• Expected behaviour: No console error is thrown
• Actual behaviour: Console error is thrown
• Further issues:
  • No impact on the tenant impersonation functionality.
  • Throws error again when returning to the host account from the impersonated tenant user.
  • Seem to throws error after the impersonation action as user is redirected before error is thrown: