Base solution for your next web application
Open Closed

Impersonate doesn't work on AWS Elastic Beanstalk - Production environment #11426


0
Aitor created

Greetings everyone, please I request your help with this case. We have a problem applying the concept of User Impersonate, which works correctly in the development environment, but in a production environment mounted on AWS Elastic Beanstalk and NGINX as a web server, it does not work because the cache loses the data of the user who performs the impersonation. The error we get is the following:

Abp.Authorization.AbpAuthorizationException: The current tenant is different from the given tenant. AbpSession.TenantId: , given tenant id: 1 in PARPlatform.Web.Controllers.TokenAuthController.ImpersonatedAuthenticate(String impersonationToken) in /builds/webcreeklab/platformpar/aspnet-core/src/PARPlatform.Web.Core/Controllers/TokenAuthController.cs:line 402 at lambda_method4875(Closure, Object) at Microsoft.AspNetCore.Mvc.Infrastructure.ActionMethodExecutor.AwaitableObjectResultExecutor.Execute(IActionResultTypeMapper mapper, ObjectMethodExecutor executor, object handler, Object[] arguments) Caller, TaskInTakerController, LastActionTask) Next State, Scope, Object State, Boolean is Completed)

And that happens in this method of the ImpersonationManager class where AbpSession.TenantId is NULL:

private void CheckCurrentTenant(int? tenantId) { if (AbpSession.TenantId != tenantId) { throw new Exception($"Current tenant is different than given tenant. AbpSession.TenantId: {AbpSession.TenantId}, given tenantId: {tenantId}"); } }

For this reason, we require your support to understand what the problem is and how to solve it. Thank you


4 Answer(s)
  • 0
    ismcagdas created
    Support Team

    Hi @Aitor

    Is your app running as 1 instance or more than 1 instance ?

    Thanks,

  • 0
    Aitor created

    Greetings and thanks for your response. Yes, we have several instances on EC2, because we are in the process of developing features and we have a working production environment.

    It is the same application that is deployed in different environments for quality control until it reaches Production, but they are completely separate instances from one another, each with its API, its web application (UI) and its own DB, access to these for the same domain in CloudFlare using cnames:

    https://dev.aequales.com/ https://qa.aequales.com/ https://uat.aequales.com/ ......

  • 0
    Aitor created

    Hi,

    I resend the required since it has been 15 days since last answer from support team and we need to progress with this issue. Thanks.

    "Greetings and thanks for your response. Yes, we have several instances on EC2, because we are in the process of developing features and we have a working production environment.

    It is the same application that is deployed in different environments for quality control until it reaches Production, but they are completely separate instances from one another, each with its API, its web application (UI) and its own DB, access to these for the same domain in CloudFlare using cnames:

    https://dev.aequales.com/ https://qa.aequales.com/ https://uat.aequales.com/ ......"

    image.png

  • 0
    ismcagdas created
    Support Team

    Hi @Aitor,

    Sorry for our late reply. Somehow, your question was closed. Probably it is closed by you or by our team accidentally. That's why we couldn't see your question as a open question.

    If your API app is running on more than 1 instance, then you should switch to a distributed cache instead of memory cache. AspNet Zero uses memory cache by default. You can check https://docs.aspnetzero.com/en/aspnet-core-angular/latest/Clustered-Environment#switching-to-a-distributed-cache to switch to Redis for example.

    Maybe before doing this, you can make sure for API app to run only 1 instance and see if it works in that case.