I have some permissions defined in the AuthProvided, and when I run it on my dev site, I see that it creates the permissions in my DB. When I move the code to prod, it doesn't create the permissions in the database. Ideas? I can still create users/login.
If I turn of WSFederation the registration page will work. This error is occurring when it I press "Register" but its not making it to the action in the controller.
[ArgumentNullException: Value cannot be null.
Parameter name: parameter]
Microsoft.IdentityModel.Protocols.AuthenticationProtocolMessage.SetParameter(String parameter, String value) +103
Microsoft.IdentityModel.Protocols.WsFederationMessage..ctor(IEnumerable`1 parameters) +217
Microsoft.Owin.Security.WsFederation.<AuthenticateCoreAsync>d__1f.MoveNext() +1589
System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +92
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
System.Runtime.CompilerServices.TaskAwaiter`1.GetResult() +28
public void Configuration(IAppBuilder app)
{
app.UseAbp();
app.UseOAuthBearerAuthentication(AccountController.OAuthBearerOptions);
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
if (IsTrue("ExternalAuth.Facebook.IsEnabled"))
{
app.UseFacebookAuthentication(CreateFacebookAuthOptions());
}
if (IsTrue("ExternalAuth.Twitter.IsEnabled"))
{
app.UseTwitterAuthentication(CreateTwitterAuthOptions());
}
if (IsTrue("ExternalAuth.Google.IsEnabled"))
{
app.UseGoogleAuthentication(CreateGoogleAuthOptions());
}
if (IsTrue("ExternalAuth.MMCFederation.IsEnabled"))
{
app.UseWsFederationAuthentication(CreateWsFederationAuthOptions());
}
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login")
});
app.MapSignalR();
//ENABLE TO USE HANGFIRE dashboard (Requires enabling Hangfire in PlatformWebModule)
//app.UseHangfireDashboard("/hangfire", new DashboardOptions
//{
// Authorization = new[] { new AbpHangfireAuthorizationFilter() } //You can remove this line to disable authorization
//});
}
private static WsFederationAuthenticationOptions CreateWsFederationAuthOptions()
{
var websiteAddress = ConfigurationManager.AppSettings["MMCFederation.Address"];
var wtrealm = ConfigurationManager.AppSettings["MMCFederation.Address"];
var metaDataAddress = "https://fs.mmcweb.com/FederationMetadata/2007-06/FederationMetadata.xml";
return new WsFederationAuthenticationOptions
{
Wtrealm = wtrealm,
MetadataAddress = metaDataAddress,
AuthenticationType = "Windows",
Notifications = new WsFederationAuthenticationNotifications
{
RedirectToIdentityProvider = notification =>
{
if (notification.ProtocolMessage.IsSignOutMessage)
{
notification.HandleResponse();
}
notification.ProtocolMessage.Wreply = websiteAddress.EnsureEndsWith('/') + "Account/ExternalLoginCallback";
return Task.FromResult(0);
},
SecurityTokenValidated = notification =>
{
var name = notification.AuthenticationTicket.Identity.Name;
notification.AuthenticationTicket.Identity.AddClaim(new Claim(ClaimTypes.Name, name));
return Task.FromResult(0);
}
}
};
}
In my code I'm calling a apb.notify and its throwing an error. Its related to toastr it looks like
.done(function(data) {
abp.notify.success('Address Verification Reset!', 'test');
grid.dataSource.read();
});
Its trying to do this:
http://localhost:30001/Content/data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABgAAAAYCAYAAADgdz34AAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAADsSURBVEhLY2AYBfQMgf/3P8+/evAIgvA/FsIF+BavYDDWMBGroaSMMBiE8VC7AZDrIFaMFnii3AZTjUgsUUWUDA8OdAH6iQbQEhw4HyGsPEcKBXBIC4ARhex4G4BsjmweU1soIFaGg/WtoFZRIZdEvIMhxkCCjXIVsATV6gFGACs4Rsw0EGgIIH3QJYJgHSARQZDrWAB+jawzgs+Q2UO49D7jnRSRGoEFRILcdmEMWGI0cm0JJ2QpYA1RDvcmzJEWhABhD/pqrL0S0CWuABKgnRki9lLseS7g2AlqwHWQSKH4oKLrILpRGhEQCw2LiRUIa4lwAAAABJRU5ErkJggg==
I'm assuming its trying to load an image that goes with the message? Since I don't see a "Check" on the success, just a green message box.
It tells me: The length of the URL for this request exceeds the configured maxUrlLength value.
An exception of type 'Abp.UI.UserFriendlyException' occurred in Platform.Web.dll but was not handled in user code
Additional information: Ooppps! There is a problem!
Debug tries to open "UnitOfWorkInterceptor.cs"
Website then tells me I have a runtime error and to disable "Custom Errors" to see the message.
public ActionResult Index()
{
throw new UserFriendlyException("Ooppps! There is a problem!", "You are trying to see a product that is deleted...");
return View();
}
I keep getting the error of "The operation is not valid for the state of the transaction" when I try to call another method from one of our internal APIs. So the internal API has its own context and makes calls to the DB but it seems ABP is preventing them? I tried with the UOW Disabled and isTransact = false and still no luck. What am I doing wrong?
Controller:
try
{
var test = _apiAppService.GetLists(147);
//using (var api = DmpApi.GetApiInstance(147))
//{
// var test = api.GetDataAugmentationLists();
//}
}
catch (Exception ex)
{
var error = ex;
}
Service:
public class APIAppService : PlatformAppServiceBase, IAPIAppService
{
[UnitOfWork(IsDisabled = true)]
public List<DAList> GetLists(int clientId)
{
var data = new List<DAList>();
using (var api = DmpApi.GetApiInstance(clientId))
{
data = api.GetDataAugmentationLists();
}
return data;
}
}
Whats the best way to implement some custom user claims?
Im thinking I can create a new call in the Users AppService
public async Task CustomClaim(ProhibitPermissionInput input)
{
var user = await UserManager.GetUserByIdAsync(input.UserId);
//var permission = _permissionManager.GetPermission(input.PermissionName);
await UserManager.AddClaimAsync(input.UserId, new Claim("AllowedClients", "1,2,3"));
//await UserManager.ProhibitPermissionAsync(user, permission);
}
And then I think I need to modify something else to pull them out when they login correct?
I created some new permissions in my AuthorizationProvider and assigned them to some navigation nodes. But when I add them to the table in the DB it doesnt take affect until I restart the app pool? This doesnt seem normal, am I missing something someplace?
Once i restart the app pool/VS the nodes appear just fine. Do I need to call a method just for testing until I build out the role/permissions screens?
Is there an example that shows the nav menu using roles instead of permissions or where I would start to extend it so it can use roles instead of permissions.
Im trying to use the Federation Authentication and its working when the user logins in using /Account/Login. But if the user isnt logged in and hits a [AbpMvcAuthorize] tag the site doesnt redirect to /Account/Login like I would expect it to. Instead it actually takes them to the Federation Auth server, and then the user gets stuck in a ADFS redirection loop.
What am I missing?
var cookieOptions = new CookieAuthenticationOptions
{
//AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login/"),
CookieManager = new SystemWebCookieManager()
};
app.UseAbp();
app.UseKentorOwinCookieSaver();
app.UseCookieAuthentication(cookieOptions);
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
if (IsTrue("ExternalAuth.WsFederation.IsEnabled"))
{
app.UseWsFederationAuthentication(CreateWsFederationAuthOptions());
}
private static WsFederationAuthenticationOptions CreateWsFederationAuthOptions()
{
var options = new WsFederationAuthenticationOptions
{
MetadataAddress = "https://fs/FederationMetadata/2007-06/FederationMetadata.xml",
AuthenticationType = "Windows",
Caption = "Domain",
//localhost
Wreply = "https://prodapp2/Account/Login/",
Wtrealm = "https://prodapp2/Account/Login/"
};
return options;
}