When we tried the same by hosting in our Dev Environemnt we observed that ARRAffinity cookie is not coming at all. We are suspecting something related to Azure Web APP hosting.
On the other hand we tried adding code to remove "ARRAffinity" by
public class RemoveARRAffinitySameSiteCookieMiddleware { private readonly RequestDelegate _next;
public RemoveARRAffinitySameSiteCookieMiddleware(RequestDelegate next)
{
_next = next;
}
public async Task InvokeAsync(HttpContext context)
{
context.Response.OnStarting(() =>
{
context.Response.Cookies.Delete("ARRAffinitySameSite");
return Task.CompletedTask;
});
await _next(context);
}
}
In Auth server
public override void OnApplicationInitialization(ApplicationInitializationContext context) { var app = context.GetApplicationBuilder(); var env = context.GetEnvironment();
var configuration = context.ServiceProvider.GetRequiredService<IConfiguration>();
app.Use(async (ctx, next) =>
{
if (ctx.Request.Headers.ContainsKey("from-ingress"))
{
ctx.SetIdentityServerOrigin(configuration["App:SelfUrl"]);
}
await next();
});
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseAbpRequestLocalization();
if (!env.IsDevelopment())
{
app.UseErrorPage();
}
app.UseCorrelationId();
app.UseStaticFiles();
app.UseRouting();
app.UseCors();
app.UseHttpMetrics();
app.UseAuthentication();
app.UseJwtTokenMiddleware();
app.UseMultiTenancy();
app.UseAbpSerilogEnrichers();
app.UseUnitOfWork();
app.UseIdentityServer();
app.UseAuthorization();
app.UseAuditing();
app.UseMiddleware<EhsWatchVeSecurityHeadersMiddleware>();
app.UseMiddleware<RemoveARRAffinitySameSiteCookieMiddleware>();
app.UseHsts();
app.UseConfiguredEndpoints(endpoints =>
{
endpoints.MapMetrics();
});
}
but still getting that cookie .
the only difference is
Before Value: ARRAffinitySameSite=fd496f44e02cfb761c8aa28c89623dc7a80cfa26dff26b2575b73746f0673dbb;Path=/;HttpOnly;SameSite=None;Secure;Domain=xxxxxx.xxx.xxx.xx
Value After code change: ARRAffinitySameSite=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/
do you this make any difference, but still we are not sure of removing ARRAffinitySameSite because this may impact the behaviour of load balancer
you can try remove some headers to check if it's work
Ok will try and update you.
In Sample it is working fine where as We have a requirement to implement RabbitMqDistributedEventBus and have both 'Publishing Event' and 'Distributed Event Handler' in the same service. when we try From swagger, request execution completing after executing the 'publishing event' without waiting for 'Distributed Event Handler' to be completed, later 'Distributed Event Handler' is processing. But when we try from web application, web request is not completing until 'Distributed Event Handler' complete the Process.
if we implement 'Publishing Event' in one service and 'Distributed Event Handler' in another service, from web application also it is working like swagger and not waiting to complete 'Distributed Event Handler' process.
Is there any way to implement both 'Publishing Event' and 'Distributed Event Handler' in same service and if we request from web application, request should not wait for complete 'Distributed Event Handler' process.
Hi,
could you share the error message and some screenshots?
Hi There is no error message as this is getting blocked by clients firewall system due to suspeous content of the headers shared. Let me know if you have any queries
Worked Thanks for the support
hi
The
AbpEntityChanges" & "AbpEntityPropertyChangesare sub-navigation of theAuditLogaggregate root.So you should
crudthem byIAuditLogRepository
Thanks for the input, Let us try the same and update you accordingly.
hi
I think you should replace all
AccountServicewithAuthServer
We tried this, We replaced AccountService with AuthServer and logged in with User A. We try to Impersonate user B, it taking us to Authserver login page(https://localhost:44322/Account/Login), there are no errors in log file.
hi
You need to use a existing
scopeegAuthServercontext.Services.AddAuthentication() .AddJwtBearer(options => { options.Authority = configuration["AuthServer:Authority"]; options.RequireHttpsMetadata = Convert.ToBoolean(configuration["AuthServer:RequireHttpsMetadata"]); options.Audience = "AuthServer"; });
Thanks for the quick response, below is our Auth server Audiance, do we need to replace 'AccountService' with 'AuthServer' or we need to add new Audiance 'AuthServer'?
hi
Your
JwtBearerrequires anAccountServiceaudience.context.Services.AddAuthentication() .AddJwtBearer(options => { options.Authority = configuration["AuthServer:Authority"]; options.RequireHttpsMetadata = Convert.ToBoolean(configuration["AuthServer:RequireHttpsMetadata"]); options.Audience = "AccountService"; });but your access token doesn't have this audience.
By the way, does AccountService exist in your identity server?
AccountService does not exist in our identity server, We upgraded our Application from Version 5.1.3 to 7.3.2 and there was no AccountService in 5.1.3, Can you please what will be the best possiblesolution
https://identityserver4.readthedocs.io/en/docs-preview/search.html?q=audience&check_keywords=yes&area=default
Thanks for the inputs, We will check and update accordingly
