I couldn't understand that is it an angular application or a blazor wasm application? Or are you trying to deploy 2 client applications configured in identityServer?
I've seen you've configured ForwardedHeaders but did you use the midware?
I don't have much knowledge about blazor production environment but we have an angular application deployed on Kubernetes at eShopOnAbp project that you can check the sample nginx.conf we've used.
You can either log them manually or add to EntityHistorySelectors in AbpAuditingOptions.
Thank you for the explanation.
Then there was probably a problem with the version 6.0.0-rc.3. Because with a newly generated app (Blazor Server non-tiered) I had an exception that pointed to the missing Redis cache. So I had to install this on my PC and then was surprised that it did not need it on Azure. But maybe that was a bug you guys fixed in 6.0.0-rc.4.
I may add that, It may be related to the public-site. If you create a new template with public-site enabled; it will require redis. Since public-site will be using blazor-server app to login and share some cached data.
Redis and OpenIddict are not related to each other.
Redis is used in tiered applications (projects with individual AuthServer projects) and SPA applications (angular, Blazor Wasm) to cache permissions, HTTP requests etc. Since these kind of projects are distributed, they need an external caching server.
If you are using non-tiered Blazor-Server or MVC application, caching is done in the memory hence you don't need an extra server (Redis) for it.
OpenIddict Module is referenced by your Web application (for non-tiered applications like MVC/Blazor-Server) or AuthServer (for tiered application) that has no correlation with Redis. It uses caching no matter what. It's using in-memory cache or Redis depends on your template type (tiered/non-tiered).
It is not related to ABP and the error indicates its about server trusting the self-signed certificate.
Sorry but I have no idea about self-signed certificate creations on IIS.
Identiy related information is handled by IdentityService. AbpUser doesn't exist any more, but you can use IdentityUser within the IdentityService.
We have a guide about extracting a module as a microservice that adds AuditLogging module as a microservice as a sample. You can follow this guide for other modules.
Update your oAuthConfig in environment.prod.ts with:
oAuthConfig: {
...
"strictDiscoveryDocumentValidation": false,
"skipIssuerCheck": true
},
Try dotnet build /graphbuild command under the solution directory.
I am not familiar with tye build internals but it may be related to context. You may try to put tye.yaml under the build folder and retry.
We also have image build scripts under the build folder.