Ok - I've figured it out.
The template contains a web.config which contains hard-coded environment variable overrides:
<environmentVariables>
<!--environmentVariable name="ASPNETCORE_ENVIRONMENT" value="Development" /-->
<environmentVariable name="COMPLUS_ForceENC" value="1" />
</environmentVariables>
I commented this out, and it is now correctly loading the environment from Azure App Settings.
Hi,
I've done some more investigation.
It does appear that the app is not loading 'appsettings.Staging.json'.
I have logged into Azure console, and check the environment variables:
ASPNETCORE_ENVIRONMENT=Staging
Has been set...
And my settings file name (as per the template)
appsettings.Staging.json
I can put an error in this json file, and reload the web service (by touching the web.config) - and no error is shown. If I put a syntax error in appsettings.json and reload the app - I do get an error.
So, it's clear that the web app is loading appsettings.json, NOT appsettings.Staging.json - even though the ASPNETCORE_ENVIRONMENT environment variable has been set.
Please advise,
Thanks,
Another test result - the following works, for ALL subdomains - not just single-level ones
builder
.WithOrigins(
// App:CorsOrigins in appsettings.json can contain more than one address separated by comma.
"http://*.myredactedhost.com"
.Split(",", StringSplitOptions.RemoveEmptyEntries)
.Select(o => o.RemovePostFix("/"))
.ToArray()
)
.SetIsOriginAllowedToAllowWildcardSubdomains()
.AllowAnyHeader()
.AllowAnyMethod()
.AllowCredentials();
It looks like there are are some known issues here, but no AzpNetZero sanctioned resolution. Can you please confirm what the resolution process is?
https://support.aspnetzero.com/QA/Questions/7212/Chat-feature-is-not-working-on-Angular-app-deployed-as-a-container-in-Azure https://support.aspnetzero.com/QA/Questions/8864/CORS-configuration-problem---850
Hi @ismcagdas,
I have made some progress. I realised that: builder.AllowAnyOrigin();
and
builder.AllowCredentials();
are not compatible - interestingly, this error was not made visible in the issue I was having. When I removed "AllowAnyOrigin" and replaced it with a specific host - it worked correctly.
What this indicates, is that there is something wrong with the configuration.
I have investigated further, and found this to be the problem.
This configuration works: "CorsOrigins": "http://portal.myredactedhost.com:80,http://subdomain.portal.myredactedhost.com:80"
This configuration does NOT work ("Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource."):
"CorsOrigins": "http://portal.myredactedhost.com:80,http://*.portal.myredactedhost.com:80"
I am using the ASPnet Zero code for setting the CORS options:
//Configure CORS for angular2 UI
services.AddCors(options =>
{
options.AddPolicy(DefaultCorsPolicyName, builder =>
{
//App:CorsOrigins in appsettings.json can contain more than one address with splitted by comma.
builder
.WithOrigins(
// App:CorsOrigins in appsettings.json can contain more than one address separated by comma.
_appConfiguration["App:CorsOrigins"]
.Split(",", StringSplitOptions.RemoveEmptyEntries)
.Select(o => o.RemovePostFix("/"))
.ToArray()
)
.SetIsOriginAllowedToAllowWildcardSubdomains()
.AllowAnyHeader()
.AllowAnyMethod()
.AllowCredentials();
});
});
So, it appears that it is the wildcards that are causing the server to not send the CORS allowed domains header.
Thanks @bobingham - nice design.
I'm using Flutter.
Your proposal doesn't quite fit for me however - as registration can happen either through the app or via the web.
Even if the user initially registers through the app - they will likely log on using other devices, which is not another registration - just a login.
The only way I can see (and the cleanest) is for the server to offer a list of tenants, once the user has been authenticated against at least one of the tenants.
Something like this (server-side pseudo code):
var listOfTenants = tenants.Where(x => x.email == userSubmittedEmail && x.password == userSubmittedPassword)
if (listOfTenants.Count == 0)
return InvalidLoginAttempt()
else
{
var firstTenant = listOfTenants.First();
GenerateAuthenticationToken(firstTenant);
if (listOfTenants.Count == 1)
return RedirectToWelcomePage(firstTenant)
else
return RedirectToTenantChooser(listOfTenants)
}
Hi,
I got this to work, now I want to package this into a Module. How now do I get access to the "Services" collection from inside an AbpModule to I can register the filter?
// how can I get access to "services" within AbpModule.Initialize, or PostInitialize... etc? services.Configure<MvcOptions>(options => { options.Filters.Add(typeof(YourFilter)); });
Thanks,
Hi @ismcagdas and @maliming,
This is all great and pertinent information for those evaluating these platforms. I'd love to see a page on both the Zero and ABP sites to hold this information - it's not entirely clear at first blush why one would choose one over the other, but the information you have provided here clears up the confusion.
Thanks,
Hi @Maliming - thanks for that explanation.
I'm more interested, however, in the difference between the 2 apparently similar streams - ABP vs ZERO?
Why would I use "Zero" vs "ABP Commercial" or vice versa? Why do 2 apparently overlapping paid solutions exist?
Hi there,
Thanks for the extra details. The error still occurs. The following code cannot be called inside an IAsyncActionFilter.OnActionExecutionAsync without generating a null ref error.
var _dbContext = _dbContextProvider.GetDbContext();