Base solution for your next web application
Open Closed

Issue impersonating user #1950


User avatar
0
joe704la created

I am having an issue impersonating the user. It looks like it has to do with the anti-forgery token was meant for a different claims-based user. Below you can see some of the log entries when I try to impersonate...

WARN 2016-11-15 08:16:45,120 [35 ] ity.AntiForgery.AbpMvcAntiForgeryManager - The provided anti-forgery token was meant for a different claims-based user than the current user. WARN 2016-11-15 08:16:45,121 [35 ] rity.AntiForgery.AbpAntiForgeryApiFilter - Empty or invalid anti forgery header token. WARN 2016-11-15 08:16:45,121 [35 ] rity.AntiForgery.AbpAntiForgeryApiFilter - Requested URI: <a class="postlink" href="http://localhost:6241/api/services/app/session/GetCurrentLoginInformations">http://localhost:6241/api/services/app/ ... formations</a> WARN 2016-11-15 08:16:45,228 [18 ] ity.AntiForgery.AbpMvcAntiForgeryManager - The provided anti-forgery token was meant for a different claims-based user than the current user. WARN 2016-11-15 08:16:45,228 [18 ] rity.AntiForgery.AbpAntiForgeryApiFilter - Empty or invalid anti forgery header token. WARN 2016-11-15 08:16:45,228 [18 ] rity.AntiForgery.AbpAntiForgeryApiFilter - Requested URI: <a class="postlink" href="http://localhost:6241/api/services/app/userLink/GetRecentlyUsedLinkedUsers">http://localhost:6241/api/services/app/ ... inkedUsers</a> WARN 2016-11-15 08:16:45,230 [56 ] ity.AntiForgery.AbpMvcAntiForgeryManager - The provided anti-forgery token was meant for a different claims-based user than the current user. WARN 2016-11-15 08:16:45,231 [56 ] rity.AntiForgery.AbpAntiForgeryApiFilter - Empty or invalid anti forgery header token. WARN 2016-11-15 08:16:45,231 [56 ] rity.AntiForgery.AbpAntiForgeryApiFilter - Requested URI: <a class="postlink" href="http://localhost:6241/api/services/app/notification/GetUserNotifications">http://localhost:6241/api/services/app/ ... ifications</a> WARN 2016-11-15 08:16:45,299 [18 ] Abp.Logging.LogHelper - Abp.Authorization.AbpAuthorizationException: Current user did not login to the application!


5 Answer(s)
  • User Avatar
    0
    ismcagdas created
    Support Team

    Hi,

    I have tried to reproduce this error but couldn't succeed. Can you describe the steps to reproduce this error ?

    If this happens when you login and try to impersonate, then please send your project to us via email to <a href="mailto:[email protected]">[email protected]</a>.

    For a temporary solution, you can use DisableAbpAntiForgeryTokenValidationAttribute for impersonate action.

  • User Avatar
    0
    joe704la created

    The only only thing I do to reproduce it is find the user in the user liat and click the impersonate user. It immediately errors out.

  • User Avatar
    0
    ismcagdas created
    Support Team

    Hi,

    We couldn't reproduce the problem, please send your project via email to <a href="mailto:[email protected]">[email protected]</a>. If your project contains confidential information, we will try to find another solution.

  • User Avatar
    0
    joe704la created

    I will try to figure it out. The project is too big to send over email.

  • User Avatar
    0
    ismcagdas created
    Support Team

    Hi,

    You can delete the content of nuget packages folder (except packges.config) and bin and obj folders. Is that still big when you delete those files ?