Recently, many of our users get error while they try to login:
Internal Error
Cannot insert the value NULL into column 'EmailAddress', table 'PROJECT.dbo.AbpUsers'; column does not allow nulls. UPDATE fails.
The statement has been terminated.
Most of these users have not logged in for a couple of months. I checked those users' AbpUser.EmailAddress record. It is NOT NULL. Their passwords are never expired. However, if I reset their password, the problem would be gone. Unfortunately, I can't reset password for every one.
I traced Log.txt. There is no warning, but some fails, such as:
uthentication.JwtBearer.JwtBearerHandler - Failed to validate the token eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9uYW1laWRlbnRpZmllciI6IjIiLCJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9uYW1lIjoiYWRtaW4iLCJBc3BOZXQuSWRlbnRpdHkuU2VjdXJpdHlTdGFtcCI6IjRlNzhjMzIyLTRjM2ItNTRkNy1kMzQ4LTM5ZGVjMmRmZTI1NSIsImh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vd3MvMjAwOC8wNi9pZGVudGl0eS9jbGFpbXMvcm9sZSI6WyJBZG1pbiIsImMxYmQxMmUwZWEzYjQ1ZGRiYzM2OTJkMjUxZTQ5MDU4Il0sImh0dHA6Ly93d3cuYXNwbmV0Ym9pbGVycGxhdGUuY29tL2lkZW50aXR5L2NsYWltcy90ZW5hbnRJZCI6IjEiLCJzdWIiOiIyIiwianRpIjoiYzIwYTk2NzMtMTkwNi00MWFiLWFhZWYtMzFjMWNlNGE4YWEwIiwiaWF0IjoxNTQ5MzAzMDA2LCJuYmYiOjE1NDkzMDMwMDYsImV4cCI6MTU0OTM4OTQwNiwiaXNzIjoiU05ldCIsImF1ZCI6IlNOZXQifQ.bdh-Uo7bzXmGs3xjALUedYqXHzQgvMGffra_UmOcp0k.
Microsoft.IdentityModel.Tokens.SecurityTokenExpiredException: IDX10223: Lifetime validation failed. The token is expired.
ValidTo: '02/05/2019 17:56:46'
Current time: '02/05/2019 21:33:04'.
It seems their Token expired. Can you advise me how to refresh the token to workaround this "Internal Error"?
Thanks,
5 Answer(s)
-
0
Please share the full stack trace.
-
0
I tried it again, and get the full stack trace as following. I forgot to mention, we enabled LDAP Authentication.
I tried one user with his username and password. The login failed. Here is the screen shot:
The log on server side: INFO 2019-02-06 09:38:58,510 [88 ] soft.AspNetCore.Hosting.Internal.WebHost - Request starting HTTP/1.1 OPTIONS http://stg.company.com/api/TokenAuth/Authenticate INFO 2019-02-06 09:38:58,510 [88 ] pNetCore.Cors.Infrastructure.CorsService - Policy execution successful. INFO 2019-02-06 09:38:58,510 [88 ] soft.AspNetCore.Hosting.Internal.WebHost - Request finished in 0.1799ms 204 INFO 2019-02-06 09:38:58,607 [70 ] soft.AspNetCore.Hosting.Internal.WebHost - Request starting HTTP/1.1 POST http://stg.company.com/api/TokenAuth/Authenticate application/json 158 INFO 2019-02-06 09:38:58,607 [70 ] pNetCore.Cors.Infrastructure.CorsService - Policy execution successful. INFO 2019-02-06 09:38:58,610 [70 ] pNetCore.Cors.Infrastructure.CorsService - Policy execution successful. INFO 2019-02-06 09:38:58,619 [70 ] ore.Mvc.Internal.ControllerActionInvoker - Executing action method SNet.Web.Controllers.TokenAuthController.Authenticate (SNet.Web.Core) with arguments (SNet.Web.Models.TokenAuth.AuthenticateModel) - ModelState is Valid WARN 2019-02-06 09:39:02,625 [45 ] Mvc.ExceptionHandling.AbpExceptionFilter - Internal Error Abp.UI.UserFriendlyException: Internal Error INFO 2019-02-06 09:39:02,625 [45 ] etCore.Mvc.Internal.ObjectResultExecutor - Executing ObjectResult, writing value Microsoft.AspNetCore.Mvc.ControllerContext. INFO 2019-02-06 09:39:02,626 [45 ] ore.Mvc.Internal.ControllerActionInvoker - Executed action SNet.Web.Controllers.TokenAuthController.Authenticate (SNet.Web.Core) in 4015.5818ms INFO 2019-02-06 09:39:02,626 [45 ] soft.AspNetCore.Hosting.Internal.WebHost - Request finished in 4019.1264ms 500 application/json; charset=utf-8
A strange thing is that, I tried to use the user's email address to login with same password. It succeeds:
It always has client side errors even login succeed. Here is a screen shot after a freqent user logged in:
-
0
Hi @fguo
Are you using external login ? If so, probably EmailAddress is not retrieved from claims. For the woff problem, you need to allow woff and woff2 mime types on your web server.
-
0
I found the problem. Those LDAP users have no email record on AD. After I added it, the error is gone.
Here is a new issue I found after that. After I added a test email on AD, that user can login, and AbpUsers was inserted a new user record with a value in both fields of "EmailAddress" and "NormalizedEmailAddresss". It is as expected. However, after the we changed the email address in AD and user login again, only the AbpUsers.EmailAddress changed accordingly, and the NormalizedEmailAddresss still keeps the old value. This causes the user cannot login with his email (instead of username). I have to manually edit the user settings (just open the edit form, do not change anything, and click "save" button) to keep these two fields synched.
I think this is a bug. The value of both of "EmailAddress" and "NormalizedEmailAddresss" should be always syched under any circumstances, right?
-
0
It should already be updated here:
https://github.com/aspnetboilerplate/aspnetboilerplate/blob/5e3c7aea7a2b5f0f94133f7c2dca485fb51e28e4/src/Abp.ZeroCore/Authorization/AbpLoginManager.cs#L325
