- What is your product version? 10.3
- What is your product type (Angular or MVC)? Angular with ASPNet Core webapp
- What is product framework type (.net framework or .net core)? .net core
I am using an angular client with an ASPNET Core webapp. All UI screens and AppService calls work within the angular client app once I login through the angular client login screen. One feature in the application creates an Excel file storing it as a temporary file (using TempFIleCacheManager), then using the FileDownloadService to download the temporary file.
All works on my local development system, however, when deployed to Azure (angular client as static website & aspnet core as azure webapp), everything works withing the angular client screens, but the request to the FileDownloadService reports "302 Not Found" status, redirects to the Account/Login screen, which also reports a "302 Not Found", then goes to a "404 Not Found" error screen.
If I separately login to my aspnet core webapp at https://<hostname>/UI in another browser window, then return to the angular client, the FileDownloadService works as expected, and I can download the Excel file and open it. I encounter similar problems (302 Not Found) if I try to access any URLs directly, with the exception of the "swagger" page, which brings up the list of available endpoints although attempting to use one reports as unauthorized. Is there some configuration missing from my appsettings.json for the deployed aspnet core application or appconfig.json for angular client?
Please advise how I can assure that all calls to the aspnet core web app have correct authorization so this problem can be corrected without a direct login using the https://<hostname>/UI. I've looked at other postings and solutions around a "302 Not Found" error, however, those seem related to custom urls, and I wouldn't expect having to do a custom solution because I am using the FileDownloadService provided within the aspnetzero angular client without modification.
I see the same error if I use one of the built-in features of AspnetZero, such as exporting audit logs to Excel. Similarly, if I login to the aspnet core site directly using "https://<hostname>/UI", the problem is corrected and I can download the audit log.
This problem was due to a local change to FileController.cs to require authentication using [AbpMvcAuthorize] By default, the File controller does not require authentication.
From communications (through email@example.com), I am looking at https://support.aspnetzero.com/QA/Questions/9571/Download-file-with-url-query-string-Auth-error#answer-d9417138-8ccb-839e-3ee7-39f755861c5f. as a means of protecting access.