Activities of "ibrahim.onat"

Hi,

As a customer I would prefer to not see an error message stating that the tenant was not found, and would rather see the login screen with the tenant field returned to its initial state; that is without any tenant (i.e. displaying "Not selected"). Having to refresh and clearing cookies is detrimental to the UX, and preferably the login view should simply reset to a state that lacks any tenant information that was previously given. Here's a picture of what that would look like:

• ABP Framework version: v7.3.3

• UI Type: Angular

• Database System: EF Core

• Tiered (for MVC) or Auth Server Separated (for Angular): yes

• Exception message and full stack trace: [17:51:41 INF] Request starting HTTP/2 GET https://localhost:44332/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%3Fresponse_type%3Dcode%26client_id%3DBookStore_App%26state%3DSk9DOElmRHNGWmhNazRCTk1SdXpnWkFNd0J5T2hWZXdMWGQtV0NWM1ZMZXh3%26redirect_uri%3Dhttp%253A%252F%252Flocalhost%253A4200%26scope%3Dopenid%2520offline_access%2520BookStore%26code_challenge%3D5O6CX6wTReFOCS5GoNh6LtrYhf72KjMcfv1QHjzApTw%26code_challenge_method%3DS256%26nonce%3DSk9DOElmRHNGWmhNazRCTk1SdXpnWkFNd0J5T2hWZXdMWGQtV0NWM1ZMZXh3%26culture%3Den%26ui-culture%3Den - - [17:51:41 DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessRequestContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+ResolveRequestUri. [17:51:41 DBG] The event OpenIddict.Server.OpenIddictServerEvents+ProcessRequestContext was successfully processed by OpenIddict.Server.AspNetCore.OpenIddictServerAspNetCoreHandlers+ResolveRequestUri. [17:51:41 DBG] The event OpenIddict.Server.OpenIddictServerEvents+ProcessRequestContext was successfully processed by OpenIddict.Server.OpenIddictServerHandlers+InferEndpointType. [17:51:41 DBG] The event OpenIddict.Server.OpenIddictServerEvents+ProcessRequestContext was successfully processed by OpenIddict.Server.AspNetCore.OpenIddictServerAspNetCoreHandlers+ValidateTransportSecurityRequirement. [17:51:41 DBG] The event OpenIddict.Server.OpenIddictServerEvents+ProcessRequestContext was successfully processed by OpenIddict.Server.AspNetCore.OpenIddictServerAspNetCoreHandlers+ValidateHostHeader. [17:51:41 DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessAuthenticationContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+ValidateHostHeader. [17:51:41 DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessAuthenticationContext was successfully processed by OpenIddict.Validation.OpenIddictValidationHandlers+EvaluateValidatedTokens.[17:51:41 DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessAuthenticationContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+ExtractAccessTokenFromAuthorizationHeader. [17:51:41 DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessAuthenticationContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+ExtractAccessTokenFromBodyForm. [17:51:41 DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessAuthenticationContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+ExtractAccessTokenFromQueryString. [17:51:41 DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessAuthenticationContext was successfully processed by OpenIddict.Validation.OpenIddictValidationHandlers+ValidateRequiredTokens. [17:51:41 DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessAuthenticationContext was marked as rejected by OpenIddict.Validation.OpenIddictValidationHandlers+ValidateRequiredTokens. [17:51:41 DBG] AuthenticationScheme: OpenIddict.Validation.AspNetCore was not authenticated. [17:51:41 WRN] Tenant not found! Volo.Abp.BusinessException: Tenant not found! at Volo.Abp.MultiTenancy.TenantConfigurationProvider.GetAsync(Boolean saveResolveResult) at Volo.Abp.AspNetCore.MultiTenancy.MultiTenancyMiddleware.InvokeAsync(HttpContext context, RequestDelegate next) [17:51:41 WRN] Code:Volo.AbpIo.MultiTenancy:010001 [17:51:41 WRN] Details:There is no tenant with the tenant id or name: a4b425d2-1045-6438-3e12-3a0dc53f1a41 [17:51:41 INF] Request finished HTTP/2 GET https://localhost:44332/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%3Fresponse_type%3Dcode%26client_id%3DBookStore_App%26state%3DSk9DOElmRHNGWmhNazRCTk1SdXpnWkFNd0J5T2hWZXdMWGQtV0NWM1ZMZXh3%26redirect_uri%3Dhttp%253A%252F%252Flocalhost%253A4200%26scope%3Dopenid%2520offline_access%2520BookStore%26code_challenge%3D5O6CX6wTReFOCS5GoNh6LtrYhf72KjMcfv1QHjzApTw%26code_challenge_method%3DS256%26nonce%3DSk9DOElmRHNGWmhNazRCTk1SdXpnWkFNd0J5T2hWZXdMWGQtV0NWM1ZMZXh3%26culture%3Den%26ui-culture%3Den - - - 404 - text/html 30.0742ms [17:51:41 INF] Request starting HTTP/2 GET https://localhost:44332/favicon.ico - - [17:51:41 INF] Sending file. Request path: '/favicon.ico'. Physical path: 'N/A' [17:51:41 INF] Request finished HTTP/2 GET https://localhost:44332/favicon.ico - - - 200 38078 image/x-icon 2.4380ms

• Steps to reproduce the issue:

1. Log into an administrator account and create a tenant.
2. Log out of the account, go to the login page and enter the newly created tenant. Do not proceed to login.
3. Open another window (incognito was used to avoid cookies), login to the admin account.
4. Under tenant management, delete the newly created tenant.
5. Log out from the incognito window.
6. Return to the main window and refresh the page. This will yield an exception with a "Tenant not found!" message and the "Failed to load resource: the server responded with a status of 404 ()" error log on the console. An image has been attached below.

Thank you

• ABP Framework version: v4.4.3
• UI type: Angular
• DB provider: EF Core
• Tiered (MVC) or Identity Server Separated (Angular): yes

Is there a way available in ABP to block multiple login sessions of a user?

Check the docs before asking a question: https://docs.abp.io/en/commercial/latest/ Check the samples, to see the basic tasks: https://docs.abp.io/en/commercial/latest/samples/index The exact solution to your question may have been answered before, please use the search on the homepage.

If you're creating a bug/problem report, please include followings:

• ABP Framework version: v4.4.3
• UI type: Angular
• DB provider: EF Core
• Tiered (MVC) or Identity Server Separated (Angular): yes
• Exception message and stack trace:
• Steps to reproduce the issue:" There is html injection vulnarability on some of the pages as mentioned in the closed question below https://support.abp.io/QA/Questions/2338/HTML-Injections

We tried the solution and it worked.

Thank you for your time

• ABP Framework version: v4.4.3
• UI type: Angular
• DB provider: EF Core
• Tiered (MVC) or Identity Server Separated (Angular): yes
• Exception message and stack trace:
• Steps to reproduce the issue:"

We're having a similar issue to the one that linked below: https://support.abp.io/QA/Questions/424/How-to--prevent-accesstoken-reuse-when-logouted

We changed the access token lifetime, and even its value was 90 seconds the issue continued.

Is there any settings or steps we missed?

To reproduce the issue, 1.Get access token of an authorized user 2.Logout 3.Use the token to fetch data with credentials of an unauthorized user You will see that the data is fetched successfully even though the token is expired.

• ABP Framework version: v4.4.3
• UI type: Angular
• DB provider: EF Core
• Tiered (MVC) or Identity Server Separated (Angular): yes
• Exception message and stack trace:
• Steps to reproduce the issue:"

There is html injection vulnarability on some of the pages

• ABP Framework version: v4.3.3
• UI type: Angular
• DB provider: EF Core
• Steps to reproduce the issue:

Hello, I use the latest(4.4.2) version of abp suite in order to create some entities for an existing project. The project is created by my teammate using abp suite. When I try to open the project using Add an existing solution button, there aren't any problems. But, the error below comes up when CRUD Page Generator is opened. I face with the same error when I try to save entities.

Along with this, UI framework, which is Angular, information is not correct when I hover over to the solution info

Almost a year ago my teammate faced the same problem and tried a workaround solution but it doesn't work for me now. For the issue opened by my teammate: https://support.abp.io/QA/Questions/507/ABP-Suite-Error-Cannot-find-the-directory

The issue is resolved after updating the abp version to 4.3.2. Thank you for your support.