Prerequisites
- What is your product version? -> 8.1
- What is your product type (Angular or MVC)? -> Angular
- What is product framework type (.net framework or .net core)? -> .net core
Hello,
I have one more issue regarding the hosting setup (hopefully more or less the last one ;-) ) and hope you can help me with this one, too. As per documentation (https://docs.aspnetzero.com/en/aspnet-core-angular/v8.1.0/Overview-Angular#multi-tenancy) I understand that we can have customers set their tenant via the URL for convenience, which is great.
Before the actual question please correct me if this is not correct:
- tenant users can access their tenant login through tenant.coolapp.mydomain.com,
- host users can access their tenant login through coolapp.mydomain.com..?
I am running separate host and angular pages behind separate NGINX containers (reverse proxy and SSL offloading) and tried the following configuration:
Host (appsettings.Production.json)
[...]
"ServerRootAddress": "https://{TENANCY_NAME}.coolapp.mydomain.com:4443/",
"ClientRootAddress": "https://{TENANCY_NAME}.coolapp.mydomain.com/",
"CorsOrigins": "https://coolapp.mydomain.com,https://*.coolapp.mydomain.com,https://{TENANCY_NAME}.coolapp.mydomain.com",
[...]
Angular (appconfig.production.json)
[...]
"remoteServiceBaseUrl": "https://{TENANCY_NAME}.coolapp.mydomain.com:4443",
"appBaseUrl": "https://{TENANCY_NAME}.coolapp.mydomain.com",
[...]
This is removing the tenant selection on the login page for host (coolapp.mydomain.com) and logging in fine for host, but giving CORS error for tenant.coolapp.mydomain.com. I also had a different setting where login via tenant.coolapp.mydomain.com worked, but ended up in host, too. Is there anything wrong with the configs above, anything to consider due to the NGINX reverse proxies? Before trying to set up the TENANCY_NAME feature I had everything up running smoothly (angular on http(s)://coolapp.mydomain.com and host on https://coolapp.mydomain.com:4443) with those proxies and didn't touch their configs since.
Thanks in advance for your support!
8 Answer(s)
-
0
Hi,
By default, AspNet Zero uses "." in tenantId header, so it might be blocked by Nginx, you can turn it of using http://nginx.org/en/docs/http/ngx_http_core_module.html#ignore_invalid_headers
-
0
Hi,
Sorry for the delay, we finally had the chance to investigate this further now. invalid_headers had been already set, the remaining issues were/are the following:
- Firefox can throw CORS errors due to invalid SSL certificates -> problem solved
- Accessing "https://Default.coolapp.mydomain.com" does not work because it canges to "https://Default.coolapp.mydomain.com" and thus redirects to host
Is this lowercasing an nginx issue or coming from the app?
Thanks again!
-
0
Hi @ips-ad
Do you mean changes to
https://default.coolapp.mydomain.com? I haven't faced such a problem with NGINX but this might be related. Does that work if you also change Tenancy Name of related tenant ? -
0
Yes, my bad, sorry - of course I meant that it changes to
https://default.coolapp.mydomain.com. It looks like already the common browsers are converting the request to lowercase for the domain part and not exen NGINX.If I change the TenancyName from Default to default in the database, then I'm able to log in from the subdomain (but Zero creates an additional "Default" tenant on next start).
Is it even possible to identify tenants with case sensitive TenancyNames realiably by a subdomain? Or should TenancyNames generally be set lowercase on tenant creation?
-
0
Hi @ips-ad
Sorry for my late reply. Probably this is related to your database setup. Could you share which database provider you use and its collation ?
Thanks,
-
0
Hi,
No worries :-) We use Postgres (like described here https://aspnetboilerplate.com/Pages/Documents/EF-Core-PostgreSql-Integration) and the collation property in the table properties says "German_Germany.1252". The DB was created with VS and the "update-database" command.
Did we apply anything wrong..?
-
0
Hi,
Could you take a look at http://www.npgsql.org/efcore/misc/collations-and-case-sensitivity.html?tabs=data-annotations and try using a case-insensitive collation ?
-
0
Hi,
Thanks for the input, we created a migration to make the TenancyName citext in PgSQL, now it works as it should for the login by subdomain and also does not allow to create a tenant with TenancyName that matches an existing one with case insensitive check.
