Activities of "luke"

Thanks for that, seems to have resolved the problem for now.

I assume this was storing the localizations to redis. Disabling this will have some performance impacts elsewhere?

Is there any way to know what's going wrong inside of this module?

[13:24:47 DBG] Waiting to acquire the distributed lock for saving external localizations... [13:24:47 INF] Saving external localizations...

My application often hangs on "Saving external localizations.." line in startup and will not accept any http requests.

I can't find which module outputs these lines to the console/logs.

Have you got any idea what could be causing this?

Thank you for sorting this! 😀

Thanks for your response!

I've tried the setting "VerifyPasswordDuringExternalLogin", as I said above in point 2. It didn't have any effect, so I checked the source, it is only referenced in one place LoginModel.ShouldAskUserPasswordAsync, to choose if they should enter their existing password. Not to choose if they should be required to create one.

        if (!await SettingProvider.IsTrueAsync(AccountSettingNames.VerifyPasswordDuringExternalLogin))
        {
            return null;
        }

        if (user.PasswordHash != null)
        {
            return RedirectToPage("./ExternalPasswordLogin", new
            {
                returnUrl = ReturnUrl,
                returnUrlHash = ReturnUrlHash
            });
        }

• ABP Framework version: v9.0.5
• UI Type: Angular
• Database System: EF Core, SQL Server,
• Tiered (for MVC) or Auth Server Separated (for Angular): Yes

Both existing users and new registering users when using SSO are now forced to add a password as of version 9. This seems to be an undocumented breaking change. It also seems to ignore some configuration options (which I believe to be a bug).

This code used in both Login.cshtml.cs and Register.cshtml.cs, which redirects to the change password page only looks at the "EnableLocalLogin" setting.

1. If I were to disable EnableLocalLogin this I would not be able to have login/registration with a username/password for anyone.
2. VerifyPasswordDuringExternalLogin setting seems to have no baring on this at all, but the addition of be below code seems to be there to facilitate it.
3. The only way to prevent this behaviour is to override the entire sections of RegisterModel.OnPostInternal and LoginModel.OnGetExternalLoginCallbackAsync and commenting out the below.
4. This is a breaking change moving from ABP 8 to 9

This is a fundamental change in the behaviour of the login flow, why would anyone want to enter a password using SSO? It should be configurable.

I've laid this out very clearly as such that I've seen the duplicate closed thread on this matter where the customer was told to override the entire login/reg page. I believe this was not the correct course of action. They also were told that "We have not changed the login/register code recently.", this code was added in version 9.

    if (await SettingProvider.IsTrueAsync(AccountSettingNames.EnableLocalLogin))
    {
        var user = await UserManager.FindByLoginAsync(loginInfo.LoginProvider, loginInfo.ProviderKey);
        if (user != null && user.PasswordHash == null)
        {
            await StoreChangePasswordUser(user);
            return RedirectToPage("./ChangePassword", new {
                returnUrl = ReturnUrl ?? "/",
                returnUrlHash = ReturnUrlHash
            });
        }
    }

Is there any news on this?

With regard to the message from @dmeagor, it does seem that it is not the correct functionality. Why did you close the ticket?

Is there any way that it can be made to function in a desirable way?

Yes. Thank you.

I just wanted to make sure I'm not doing work I don't need to.

Yes, I'm aware of the repositories, my question is about deleting 'all' of the data for a tenant, not just the tenant row.

If I'm understanding correctly, the providers are run in: Tenant, Edition, Default; order. Each overriding the previous.

Since Tenant cannot override Edition, the UI disables setting it at Tenant Level?