Hi AspNetZero,
Thank you for responding to your inquiries. And here's another one.
Recently, we switched from in-memory cache to Redis cache and docker setup but impersonation is suddently not working as seen below. Do you have a clue on what's causing this issue?
Regards, Allan
26 Answer(s)
-
0
Hi,shipserv Is your problem caused by switching to Redis? I learned from log information that IAbpSession did not obtain tenant information.
-
0
hi Zony,
It's not related to Redis upon further investigation. Because we tested the codes with Redis on different environment (not docker) and it worked fine.
Regards, Allan
-
0
Hi shipserv, Do you think it is the reason for Docker? I will try to reproduce the problem in a Docker environment.
-
0
Hi Zony,
Yes, we think it is. Hope you can reprodue it asap as we are quite tight with the deadline.
Here are the base docker images we use for frontend. FROM node:10-alpine AS build-stage FROM nginx:alpine
and, FROM mcr.microsoft.com/dotnet/core/sdk:2.2 for backend
We tried this approach https://support.aspnetzero.com/QA/Questions/7642/Nginx-and-AbpTenantId-TenantIdResolveKey-Issue but problem still exists on "Login as Tenant" with backend error as seen in the stacktrace above.The tenantId is still missing from the session.
<br> Another issue we've seen so far is during switching tenant as seen below. The GetCurrentlyLoginInformation() returns "tenant":null as a response after successful switch. This is working on our existing environment (not docker).
Please keep us posted. Thank you!
Regards, Allan
-
0
Hi shipserv, The Cookie resolver used by ABP by default, when the cookie does not have a corresponding Key, it will cause the resolution to fail. I'm trying to reproduce this problem, you can also try to carry TenantId in the request header, its default Key is "Abp.TenantId".
Can you provide a screenshot of the cookie page of the debugging tool?
Please confirm whether there is a corresponding Cookie Key.
-
0
Hi Zony,
please see screenshots below, hope this helps
Regards,
JP
-
0
Hi Support,
Good morning!
Just following up on this. Any updates?
Regards,
JP
-
0
Hi shipserv, I was busy on weekends and did not deal with relevant content. I will check this issue today.
-
0
Thanks zony. :)
-
0
Hi shipserv, Can you provide the Request Headers information of the GetCurrentLoginInformations method, like this.
I have deployed to the Docker environment, but this has not happened.
-
0
In addition, I observed that your TenantIdResolveKey has changed. Please confirm whether you have configured it in the module.This Key should be consistent with the front end.
Is there a reverse proxy server such as NGINX in the front end of your API service? -
0
HI Zony,
Here's the screenshot of the Request Header, I don't see the Abp TenantId
Yes, we've modified the TenantIResolvekey. We removed the dot to see if it will work. We've seen posts with similar issues and that worked for them. But on our side, it does not work.
-
0
Can you provide a usable TenancyName? I want to check on your website whether the request header is really missing. ABP Zero will also get the tenant Id from the header to work when the cookie does not work.
-
0
At the same time, you can also write a test TestController, and write the following code in it to check whether the back-end service can get the Cookie or HTTP request header.
public class Issue9529 { public string CookieValue { get; set; } public string HeaderValue { get; set; } } [Route("/api/test")] public class TestController : AbpController { private readonly IHttpContextAccessor _httpContextAccessor; private const string TenantIdKey = "AbpTenantId"; // Change to yours. public TestController(IHttpContextAccessor httpContextAccessor) { _httpContextAccessor = httpContextAccessor; } [HttpGet] public Task<Issue9529> Get() { var response = new Issue9529 { CookieValue = _httpContextAccessor.HttpContext.Request.Cookies[TenantIdKey], HeaderValue = _httpContextAccessor.HttpContext.Request.Headers[TenantIdKey] }; return Task.FromResult(response); } }Send a request to the interface at the front end and observe the output of the interface.
-
0
Hi Zony,
Good morning! Hope you are well.
Sure. Please try using TN-58715, Url is https://admin.shipservlabs.com
Just to add to my previous response.
- Yes, we configured the TenantIdResolveKey in the module as per Abp documentation. And yes, it's consistent with the front-end.
- Yes, there is a reverse proxy.
- It NGINX in the new Docker setup. This is the reason why we changed the TenantIdResolveKey as NGINX might have an issue with the Original format (with the dot).
Best regards,
JP Maniago
-
0
Hi Zony,
Noted on the TestController. We'll try it out and revert when we have the result.
Best regards,
JP Maniago
-
0
Hi Zony,
We tried running the same code locally and on the server where we have the docker setup. Cookie not picked up on the docker setup. Any idea why this is so?
Best regards,
JP Maniago
-
0
Hi Zony,
You stated earlier that you have successfully deployed AspNetZero in docker and works properly.
"I have deployed to the Docker environment, but this has not happened."
If you don't mind can you please share to us your Docker file you used so that we can compare with ours.
Regards, Allan
-
1
Of course, please wait, I will send you the Dockerfile and Docker Compose later.
-
0
Hi Zony,
Good morning!
Just following up on the Dockerfile and Docker Compose, will you be able to share today?
-
0
Hi shipserv, Sorry, because the network failure did not respond in time, the following are my related documents. Please ignore the image acceleration configuration of the Dockerfile. Frontend:
FROM node as build-image RUN yarn config set registry 'https://registry.npm.taobao.org' WORKDIR /app COPY ./ ./ RUN npm config rm proxy && npm config rm https-proxy & \ yarn config delete proxy & \ yarn config set sass-binary-site http://npm.taobao.org/mirrors/node-sass & \ yarn config set registry https://registry.npm.taobao.org RUN yarn RUN yarn ng build --prod FROM nginx COPY --from=build-image /app/dist /usr/share/nginx/html COPY --from=build-image /app/default.conf /etc/nginx/conf.ddefault.conf:
server { listen 80; server_name localhost; client_max_body_size 1000m; location / { root /usr/share/nginx/html; try_files $uri $uri/ /index.html last; index index.html index.htm; } error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/share/nginx/html; } }Backend:
FROM mcr.microsoft.com/dotnet/core/sdk:3.1 as build-image WORKDIR /home/app COPY ./ ./ RUN dotnet restore -s https://nuget.cdn.azure.cn/v3/index.json ./QADemo.All.sln RUN dotnet publish -c Release ./src/QADemo.Web.Host/QADemo.Web.Host.csproj -o /publish/ FROM mcr.microsoft.com/dotnet/core/aspnet:3.1 WORKDIR /publish COPY --from=build-image /publish . ENTRYPOINT ["dotnet", "QADemo.Web.Host.dll"]Docker-Compose:
version: '3.7' services: backend: image: issue9529-backend expose: - 5000 container_name: issue9529-backend networks: - internal-network frontend: image: issue9529-frontend expose: - 80 container_name: issue9529-frontend networks: - internal-network networks: internal-network: external: true -
0
Hi Zony,
No worries. Thank you for sharing.
We'll try it out and revert immediately.
Regards,
JP Maniago
-
1
I think I already know your problem, your situation is caused by cookies across domains.In my environment, I put them under the same domain name.I don't know why, your request does not seem to carry the request header, please try to upgrade to the latest version.If your front and back ends are deployed separately, I think you should use the request header to carry the tenant Id.
server{ listen 80; server_name issue9529.gd; underscores_in_headers on; location / { proxy_set_header Cookie $http_cookie; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-real-IP $remote_addr; proxy_set_header X-NginX-Proxy true; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_pass http://issue9529-frontend:80; } location /api { proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-real-IP $remote_addr; proxy_set_header X-NginX-Proxy true; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_pass http://issue9529-backend:5000; } location /AbpUserConfiguration { proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-real-IP $remote_addr; proxy_set_header X-NginX-Proxy true; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_pass http://issue9529-backend:5000; } location /swagger { proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-real-IP $remote_addr; proxy_set_header X-NginX-Proxy true; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_pass http://issue9529-backend:5000; } } -
0
Awesome! Thanks Zony.
Will inform our infra team about this.
Regards,
JP Maniago
-
0
Hi @shipserv
Please reopen if your problem is not solved.
Thanks,
-
0
Hi Zony, ismcagdas
Setting up both the front-end and back-end solved the impersonation issue.
Sorry for the late notice.
Thank you for your help.
Regards,
JP Maniago
