When we tried the same by hosting in our Dev Environemnt we observed that ARRAffinity cookie is not coming at all. We are suspecting something related to Azure Web APP hosting.
On the other hand we tried adding code to remove "ARRAffinity" by
public class RemoveARRAffinitySameSiteCookieMiddleware { private readonly RequestDelegate _next;
public RemoveARRAffinitySameSiteCookieMiddleware(RequestDelegate next)
{
_next = next;
}
public async Task InvokeAsync(HttpContext context)
{
context.Response.OnStarting(() =>
{
context.Response.Cookies.Delete("ARRAffinitySameSite");
return Task.CompletedTask;
});
await _next(context);
}
}
In Auth server
public override void OnApplicationInitialization(ApplicationInitializationContext context) { var app = context.GetApplicationBuilder(); var env = context.GetEnvironment();
var configuration = context.ServiceProvider.GetRequiredService<IConfiguration>();
app.Use(async (ctx, next) =>
{
if (ctx.Request.Headers.ContainsKey("from-ingress"))
{
ctx.SetIdentityServerOrigin(configuration["App:SelfUrl"]);
}
await next();
});
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseAbpRequestLocalization();
if (!env.IsDevelopment())
{
app.UseErrorPage();
}
app.UseCorrelationId();
app.UseStaticFiles();
app.UseRouting();
app.UseCors();
app.UseHttpMetrics();
app.UseAuthentication();
app.UseJwtTokenMiddleware();
app.UseMultiTenancy();
app.UseAbpSerilogEnrichers();
app.UseUnitOfWork();
app.UseIdentityServer();
app.UseAuthorization();
app.UseAuditing();
app.UseMiddleware<EhsWatchVeSecurityHeadersMiddleware>();
app.UseMiddleware<RemoveARRAffinitySameSiteCookieMiddleware>();
app.UseHsts();
app.UseConfiguredEndpoints(endpoints =>
{
endpoints.MapMetrics();
});
}
but still getting that cookie .
the only difference is
Before Value: ARRAffinitySameSite=fd496f44e02cfb761c8aa28c89623dc7a80cfa26dff26b2575b73746f0673dbb;Path=/;HttpOnly;SameSite=None;Secure;Domain=xxxxxx.xxx.xxx.xx
Value After code change: ARRAffinitySameSite=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/
do you this make any difference, but still we are not sure of removing ARRAffinitySameSite because this may impact the behaviour of load balancer
In Sample it is working fine where as We have a requirement to implement RabbitMqDistributedEventBus and have both 'Publishing Event' and 'Distributed Event Handler' in the same service. when we try From swagger, request execution completing after executing the 'publishing event' without waiting for 'Distributed Event Handler' to be completed, later 'Distributed Event Handler' is processing. But when we try from web application, web request is not completing until 'Distributed Event Handler' complete the Process.
if we implement 'Publishing Event' in one service and 'Distributed Event Handler' in another service, from web application also it is working like swagger and not waiting to complete 'Distributed Event Handler' process.
Is there any way to implement both 'Publishing Event' and 'Distributed Event Handler' in same service and if we request from web application, request should not wait for complete 'Distributed Event Handler' process.
Hi,
could you share the error message and some screenshots?
Hi There is no error message as this is getting blocked by clients firewall system due to suspeous content of the headers shared. Let me know if you have any queries
ABP Framework version: v5.1.3 UI Type: MVC Database System: SQL Server / MongoDB Tiered (for MVC) or Auth Server Separated (for Angular): yes Exception message and full stack trace: Steps to reproduce the issue: We are using the Active Directory for Login Process and request is getting blocked after after successuly login and redirecting to our web client
We are faciing issue with the User Cookie Headers with one of the Clients Firewall, The request header info is as follows:
GET /Account/Login/?__tenant=xxx HTTP/1.1 Accept: / Host: xxxxxx.xxx.xxx.xx Cookie: .AspNetCore.Antiforgery.c9JTe_bLGaM=CfDJ8FRhYrLUrBdPg2ipof6Ze16RfGI0ZJKke6iRRofx3cFbq_tGn3HTTRD_7JKLtMzMedYMb1l8OhPx3xX6z9j1-aSSaXj1SRk2ORAcb6KOtTPmaOjcZ6RopamvmEiecEu3ljT5TFHayk2MxFUVMCgqLDo; path=/; samesite=strict; httponly; XSRF-TOKEN=CfDJ8FRhYrLUrBdPg2ipof6Ze17tsIyUCs-tAYzfoekhfgr13OA5w4tyzwXj-Hl_E6Gwkpdtn4nXDZGTpm3EBEX64NjeDhuI5CF2ZCvUOB73MJj-CKIHYapt9k5BrFRIkhnmxvZx5UOy_ez2dO_9fGa_Cks; expires=Mon, 15 May 2034 23:36:10 GMT; path=/; secure; samesite=none; .AspNetCore.Mvc.CookieTempDataProvider=CfDJ8FRhYrLUrBdPg2ipof6Ze14-m4tMwAkRe0rwhNpl2P9u1CF-toHYP6HqsIRlyoOHBm8ptS-5uL5JuLZ5s_syooXW6nUzC0z1f-H_coYQTo3p4TIjHjpX6cSy58Pfl8LcZPBHqTw81Ez_jZsLan3eH9ncIklIKi3xuyIUZq89Cztb; path=/; samesite=lax; httponly; ARRAffinity=77f12f85c9afc4c4219e1ebcbabf3c363c124c1272c6f1766e41bee0c3ed9b13;Path=/;HttpOnly;Secure;Domain=xxxxxx.xxx.xxx.xx; ARRAffinitySameSite=77f12f85c9afc4c4219e1ebcbabf3c363c124c1272c6f1766e41bee0c3ed9b13;Path=/;HttpOnly;SameSite=None;Secure;Domain=xxxxxx.xxx.xxx.xx; DCT_SP_Cookie=!rJI1vQtcC6kQKiPgElklsn4lwoYxwAGdSfWPx/X43eEKGa3yOoLohwL48lwE7DmrTLv7W9uI7LC+bw==; path=/; Httponly; Secure; TS017caf0c=01dbd0522d0c40bd5dc6161d190c1229ca2cbc4113dbe13debd550f3bdabfcd49e51511c46a1c9492a9191fad0231d4f2609b2c9c05e4918267ed51bebfbd86bcbac3dd37dd5b6042d42ae7ef5f2cec887bdcb2905df6962249646cbb6079835441f65fdc686e12d6161abceb2c2bbd925a46d613e; Path=/; TS01fabc35=01dbd0522de0e527b70608f9798164443d8d592257dbe13debd550f3bdabfcd49e51511c46d62d98a6a8cdcd821467c3f3643848eaa95095303bb71f0943f66f4e46eea66659b83ba841df4eba10d273eddb730a1f; path=/; domain=xxxxxx.xxx.xxx.xx Accept-Encoding: gzip, deflate, br From: bingbot(at)microsoft.com User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm) Chrome/116.0.1938.76 Safari/537.36 X-Forwarded-For: 40.77.167.70 has context menu
The request is getting blocked may be because of samesite policy or some special characters. Do you guys have any idea on this? In mean time we are trying to different ways but your insights might be helpful.
We are facing this ABP 5 version not sure it will be there in latest versions or not but for now we cant upgrade.
ABP Framework version: v7.3.2
UI Type:MVC
Database System: EF Core (SQL Server, Oracle, MySQL, PostgreSQL, etc..) / MongoDB
Tiered (for MVC) or Auth Server Separated (for Angular): yes
We are implementing Event Bus using RabbitMqDistributedEventBus in our application.
Local Event is working good for every request. but Distributed Event is not firing for every request. It is firing only 1 time for every 10-12 requests.
Worked Thanks for the support
We used the below statement to filter data for ExtraProperties, not working for mongoDb
(await GetQueryableAsync()).Where(u => EF.Property<string>(u, "SocialSecurityNumber") == "123")
Is there any other way to filter Extraproperties in MongoDB, Please advise.
hi
The
AbpEntityChanges" & "AbpEntityPropertyChanges
are sub-navigation of theAuditLog
aggregate root.So you should
crud
them byIAuditLogRepository
Thanks for the input, Let us try the same and update you accordingly.
We would like to implement the Audit Trial for MonGo DB services, as it is not there Out of the box(if we are not wrong we are planning to implement with custom code). we tried to find the menthods/repository to have the CURD operations on "AbpEntityChanges" & "AbpEntityPropertyChanges", but not able to find the same. can you please advise.