Activities of "gterdem"

Add New Microservices to the Solution docs is released. May be it can help?

Duplicate of https://support.abp.io/QA/Questions/1184/Abp-notification-function.

Sorry that I am not able to make screenshare sessions at the moment. Would you mind to explain your situation via this platform so that other users that might be experiencing the same issue can also benefit?

Hi @gterdem, My Auth Server is already running with https, in fact all of my services are running with https on my local IIS with IIS self signed certificate.

As you said I have updated by Web layer port to 4510(I dont think this is the issue) but still getting the below certificate error which I mentioned earlier.

2021-04-14 19:22:17.794 +05:30 [INF] Request starting HTTP/2 GET https://localhost:4510/ - - 2021-04-14 19:22:17.852 +05:30 [INF] Start processing HTTP request GET "https://localhost:450/api/abp/api-definition" 2021-04-14 19:22:17.852 +05:30 [INF] Sending HTTP request GET "https://localhost:450/api/abp/api-definition" 2021-04-14 19:22:17.915 +05:30 [ERR] Connection ID "17942340921349636135", Request ID "80000028-0001-f900-b63f-84710c7967bb": An unhandled exception was thrown by the application.

Not only the port, the protocol also you need to update. It should be http://localhost. It is still making requests to old url. Try recycling the application from the iis pool.

Although your main problem with https is with your IIS server. The remote certificate is invalid because of errors in the certificate chain: UntrustedRoot. You need to trust your self signed certificate.

We use multitenancy as db per customer approach. We have different db's for different tenants, so we don't want to add TenantId column into our tenant dependent database tables .

Can't say that I understand completely. Assuming you have a Product entity enabled for all entities. Each tenant has their own Product tables. But you don't want them to have TenantId column? Is that the case?

When we remove IMultiTenant interface from our tenant spesific entities , the application couldn't get tenant connection string correctly , it gives us host connection string. But when we implement IMultiTenant interface it can give us correct tenant connection string.

I think this makes sense. When you don't have IMultiTenant, connection string falls back to default host connectionstring. Otherwise how to figure out which tenant connection string it is to check in SaasTenantConnectionStrings?

Please point out if I misunderstood.

I am not able to make screenshare sessions. Please try the solutions above and share the results via this platform.

You must run AuthServer on https. To other applications such as Web app on http or with different ports:

Update application's appsettings

Navigate to Web application's appsettings.json and change the SelfUrl under App section. From https://localhost:451 to something like http://localhost:4510.

Update IdentityServer configuration

Assuming you can't login to Web application for IdentityServer management pages, there are 2 ways to update:

  1. Update appsettings.json of DbMigrator project under Shared folder. Find IdentityServerClients section and update MyProject_Web client RootUrl with new http url, http://localhost:4510. Then delete IdentityService Database and re-create so it can be re-seeded with IdentityServerDataSeeder which uses these configurations.
  2. Manually update IdentityService database:
  • Update FrontChannelLogoutUri column in IdentityServerClients table
  • Add or update RedirectUri of that client in IdentityServerClientRedirectUris table.
  • Add or update PostLogoutRedirectUri column of that client in IdentityServerClientPostLogoutRedirectUris table.

There are 3 applications as you have noticed:

  • AuthServer (IdentityServer)
  • Public application (Razor/MVC)
  • Web app (back-office application that can be Razor/Mvc-Angular-Blazor-BlazorServer)

What is your web app? Angular, Razor, Blazor or Blazor.Server?

2021-04-06 10:13:40.048 +00:00 [INF] {"ClientId":"EmployeeManagement_Swagger","Category":"Authentication","Name":"Client Authentication Failure","EventType":"Failure","Id":1011,"Message":"Invalid client secret","ActivityId":"8000000b-0003-ff00-b63f-84710c7967bb","TimeStamp":"2021-04-06T10:13:40.0000000Z","ProcessId":12824,"LocalIpAddress":"::1:44322","RemoteIpAddress":"::1","$type":"ClientAuthenticationFailureEvent"} 2021-04-06 10:13:40.048 +00:00 [ERR] Client secret validation failed for client: EmployeeManagement_Swagger.

The client secret you provided is wrong.

I dont think so, because it is getting autenticated in the next attept. If CLient Secret is the proble how come it can be authenticated from next time. If you I can share the screen and show u.

Is the issue solved? IdentityServer doesn't throw random errors.

The logs below indicates that EmployeeManagement_Swagger client secret is wrong (probably doesn't exist).

2021-04-06 10:13:40.048 +00:00 [INF] {"ClientId":"EmployeeManagement_Swagger","Category":"Authentication","Name":"Client Authentication Failure","EventType":"Failure","Id":1011,"Message":"Invalid client secret","ActivityId":"8000000b-0003-ff00-b63f-84710c7967bb","TimeStamp":"2021-04-06T10:13:40.0000000Z","ProcessId":12824,"LocalIpAddress":"::1:44322","RemoteIpAddress":"::1","$type":"ClientAuthenticationFailureEvent"} 2021-04-06 10:13:40.048 +00:00 [ERR] Client secret validation failed for client: EmployeeManagement_Swagger.

Navigate to appsettings of your api gateway and check the IdentityServer section. There should be IdentityModel configuration like: <br>

"AuthServer": {
  "Authority": "https://localhost:44322",
  "RequireHttpsMetadata": "true",
  "SwaggerClientId": "EmployeeManagement_Swagger",
  "SwaggerClientSecret": "1q2w3e*"
},

This is the configuration of AddAbpSwaggerGenWithOAuth.

Please, share your appsettings identityserver configuration and swaggerAuth configuration located in module if the problem still persists.

Showing 611 to 620 of 726 entries
Made with ❤️ on ABP v9.1.0-rc.1. Updated on January 17, 2025, 14:13