Base solution for your next web application
Starts in:
01 DAYS
01 HRS
01 MIN
01 SEC
Open Closed

ABP Framework - Authorization #268


User avatar
0
samvh created

Hello, I'm using the ABP Framework to create a multipage-webapplication but stumbled on a problem trying to implement the authorization.

Using abp.ajax I call the /Account/Login method. All the necessary code is executed, for example: "AuthenticationManager.SignIn(new AuthenticationPr..." and I get returned to the ajax success method but when going to a controller with the [AbpMvcAuthorize] applied I still end on a permission denied page.

PS: I already asked the question on stackoverflow: <a class="postlink" href="http://stackoverflow.com/questions/31901970/asp-net-boilerplate-authorization-not-working">http://stackoverflow.com/questions/3190 ... ot-working</a>

Thanks!


8 Answer(s)
  • User Avatar
    0
    hikalkan created
    Support Team

    Let's continue on stackoverflow.

  • User Avatar
    0
    tkueny created

    I know this is a bit late, however I hit the same issue in my project. It turned out to be an issue with the bower packages. Somehow my project automatically updated my Abp & Abp.Zero nuget-packages to 11.3, but the abp-web-resources were still on 11.2, and I was stuck on this for like 2 days. I ran a restore bower packages command and it was upgraded to 11.3, and then everything worked magically.

  • User Avatar
    0
    tkueny created

    I wanted to follow up on this, I actually may need to take back my last reply.

    As it turns out I am still having the issue. Though I was able to narrow down to where I think the issue is coming from. It seems that when trying to login, after calling the HttpContext.Authentication.SignOutAsync/SignOutAsync from the login page, an error is showing up in the logs, and prevents the login from succeeding. The error is -

    An unhandled exception has occurred while executing the request System.ArgumentException: An item with the same key has already been added. at Microsoft.AspNetCore.Server.Kestrel.Internal.Http.FrameHeaders.ThrowDuplicateKeyException() at Microsoft.AspNetCore.Server.Kestrel.Internal.Http.FrameResponseHeaders.AddValueFast(String key, StringValues value) at Microsoft.AspNetCore.Server.Kestrel.Internal.Http.FrameHeaders.System.Collections.Generic.IDictionary<System.String,Microsoft.Extensions.Primitives.StringValues>.Add(String key, StringValues value) at Abp.AspNetCore.Mvc.Results.AbpResultFilter.SetNoCache(ResultExecutingContext context) at Abp.AspNetCore.Mvc.Results.AbpResultFilter.OnResultExecuting(ResultExecutingContext context) at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.<InvokeResultFilterAsync>d__31.MoveNext()

    I have been looking at this all day, and yesterday and am not really able to find a resolution. What I have found so far though is it seems to be related to the Abp javascript bower package (0.11.3) and/or the latest 0.12.0 version of Abp. I recently upgraded to 0.12.0, now that I think about it, I think that is when the issue started happening. I even went as far to revert my whole project back to Abp 0.11.3 and the issue went away. Is there a bower package for Abp 0.12.0? Is it needed for server version 0.12.0? Also, can anyone else reproduce this? Any help will be much appreciated as I am currently unable to login to my application. FYI - I only noticed the issue after I logged which is why I was not able to notice it happening right away. Also, I am using the standard boilerplate code for SignIn/SignOut from aspnet zero.

    Thanks

  • User Avatar
    0
    tkueny created

    Hey,

    So I did manage to just figure out a work around for the issue I am having, though I would hopefully like to resolve the actual issue. I ended setting Configuration.Modules.AbpAspNetCore().SetNoCacheForAjaxResponses in the web module to false. This allows me to login successfully. I figured to try this as it seems with the latest verson 0.12.0, this was changed. It was basically just luck. Though I am not sure why as the source code does not seem to adding to the response headers, only setting them. Either way, any ideas would be very helpful as caching will be bad once we goto release our product. Do you think this may be related to the javascript version of Abp (0.11.3) -> 0.12.0?

    BTW, I don't think this is related to the first post in this thread, though not sure 100%. Should we create a new one?

    Thanks

  • User Avatar
    0
    hikalkan created
    Support Team

    Hi,

    We had a bug in Abp.AspNetCore v0.12 package and I published v0.12.0.1 (<a class="postlink" href="https://www.nuget.org/packages/Abp.AspNetCore">https://www.nuget.org/packages/Abp.AspNetCore</a>) which fix this issue (<a class="postlink" href="https://github.com/aspnetboilerplate/aspnetboilerplate/issues/1363">https://github.com/aspnetboilerplate/as ... ssues/1363</a>). Have you tried to upgrade it?

  • User Avatar
    0
    tkueny created

    Yes, I just tried to upgrade and seems to work from initial testing. Thank you very much!

    When will the bower package for 0.12* version be released?

    Thanks

  • User Avatar
    0
    hikalkan created
    Support Team

    We will not release it since it has no change.

  • User Avatar
    0
    tkueny created

    Ok, got it. Makes sense. Thanks again for your help.