I use the AbpMvcAuthorize attribute on many controller methods (not the entire controller) to grant privileges. However, if the user doesn't have that permission, the default action of the attribute seems to be to redirect back to the login page. Because I am using OpenID SSO, it redirects the user to the SSO login page. What I want to do is to just take them to a static "Unauthorized" page that I have created. Is that possible?
Thanks, Bryan
The project that we are working on has fairly high requirements concerning compliance with web accessibility standards (WCAG, Section 508, etc).
Currently, most of the pages and web forms that are pre-built in the Zero project templates are not very accessible. Web form fields are not linked to their corresponding labels ("for" attribute). The use of ARIA attributes is also limited.
If possible, it would be a nice enhancement to include accessibility markup as part of the base Zero template so we don't have to go through and add it.
Thanks, Bryan
Is this still not supported yet? We are interested in migrating our CORE 1.x MVC/jQuery Zero solution to CORE 2 + Angular, but we use OpenId Connect for Single Sign-On to an external provider.
Thanks, Bryan
Great. Thanks.
Is it on your roadmap at this point? Or way off in the distance?
Any update on this item? Having a session timeout option is pretty important.
Thanks, Bryan
We have an AspNetZero app currently deployed on an Azure WebApp that runs between 3 and 5 instances at a given time. Currently we are using the default in-memory cache provider, but I am looking to changing this to Redis. If we do that (by creating an Azure Redis cache and uncommenting the Redis config in WebCoreModule), will Abp use Redis for its session info also?
I would like to disable the Afinity Cookie in the Azure web app so that user sessions are no longer sticky to a specific machine and can be served by any machine in the cluster for any request (with all session state being in Redis). Is that the only change needed? Or is there something different for session storage?
Thanks, Bryan
Thanks. I did see all of the documentation for the Redis setup. I just wanted to confirm that AbpSession would automatically utilize that so that if I disabled sticky sessions on Azure I would not break anything. Because ABP does its own session management, I just wasn't sure.
Thanks again, Bryan
P.S. -- I have found just keeping my sig updated is easier than including my Zero version in every post. ;)
@alper,
I have setup a local redis cache and made the necessary changes to ABP. When I look at the cache, I see a bunch of standard Abp stuff in there (AbpApplicationSettings, TenantSettings, UserSettings, etc). However, I don't see anything related to user sessions. My goal is to eliminate the in-memory session provider so that I can turn off sticky cookies on our Azure web cluster.
This web page goes through the "normal" steps to do that with an ASP.Net web app : [https://docs.microsoft.com/en-us/azure/redis-cache/cache-aspnet-session-state-provider]). However, I know that Abp uses it's own session management, so I wasn't sure if anything else needed to be done to ensure that the session state was being stored in the cache and not in the web server. I'm sorry to ask again, but your response didn't speak directly to the session question that I am trying to resolve.
Thanks, Bryan
Just like rvanwoezik,
On 5.3 CORE MVC + jquery, changing the Header desktop skin from light to dark doesn't do anything. It seems to always be set to light.