Also, on my end, no user can login to my tenant, regardless of profile.
We're going to need someone from support to resolve this - It authenticates, redirects to app - and somewhere inside ABP or the ANZ modules, the following tems get logged and it redirects from App back to login.
INFO 2020-07-31 18:35:18,271 [24 ] uthorization.DefaultAuthorizationService - Authorization failed.
INFO 2020-07-31 18:35:18,271 [24 ] tion.Cookies.CookieAuthenticationHandler - AuthenticationScheme: Identity.Application was challenged.
So I was finally able to get this running in debug.
had to modify IIS Express config, hosts file, etc.
But this failure is happening somewhere deep; maybe in something closed source?
So here's what I've found in my logs:
result.Succeeded, sending Microsoft.AspNetCore.Mvc.JsonResult
Executing JsonResult, writing value of type 'Abp.Web.Models.AjaxResponse'.
Executed action XXXXXX.Web.Controllers.AccountController.VerifySecurityCode (XXXXXX.Web.Mvc) in 378.4956ms
Executed endpoint 'XXXXXX.Web.Controllers.AccountController.VerifySecurityCode (XXXXXX.Web.Mvc)'
Request finished in 414.1965ms 200 application/json; charset=utf-8
Request starting HTTP/1.1 GET http://YYYYYYYYYYYYYYY/App
Authorization failed.
AuthenticationScheme: Identity.Application was challenged.
Request finished in 12.6433ms 302
Request starting HTTP/1.1 GET http://YYYYYYYYYYYYYYY/Account/Login?ReturnUrl=%2FApp
Authorization Failed on the App request
By the way - my server does NOT have SSL enabled right now - so it's pure http and I'm having same problem.
I finally was able to recreate against my azure production server (with no SSL currently installed) by using an affected Local State file.
I'll update here if I learn anything.
Is this your dev environment? If so - do you know a way to recreate the issue on a machine that doesn't have the problem? I tried taking a Local State file from a user's machine that had the issue but it didn't work. Perhaps it's my profile. I'll try using the local state file and hitting my production and trying to login as an affected user.
I can't recreate in dev, so I'm feeling around in the dark here.
However, I really wish someone from support would offer some suggestions.
Have you opened a ticket on gitHub yet?
Good find!
I've got a user that's trying to setup their machine for me to remote into so I can push / debug. Luckily, we're not live yet so I have a production environment on Azure to work with.
are you seeing it even post to controller methods?
looked at the apb code and found nothing that jumps out at me, either.
theres definantly something broken with ANZ and new Chrome.
ive done zero mods to authentication.