Hi @ashgadala
I think you can modify the Login page's server side code and check AbpUserAccounts table with the given username before login operation.
- Then, if there is 1 record, you can directly login the user and do nothing.
- If there are more than 1 records, you can redirect user to a new page you will develop for tenant selection. When user selects the tenant, you can login the user.
Hi @ismcagdas - we had a similar use case in our angular solution and implemented this client side. Basically a pre-login component that detects multiple tenant "possibilities" based on username/email. If so, a tenant selection modal pops-up otherwise routes to the standard login. What are the advantages of server versus client based approaches?
Thanks for the pointers!
ok - I know it's not implemented out of the box - the heart of the question is really how to properly design anonymous access to a form in our solution. For example, could would generate some unique id that we embed in the login link (as a parameter) that we publish to the client. When the client clicks the link, they are routed automatically to a closed garden where they can only fill the form and submit data. Of course we can maintain internal tables tying that link to the email target with some extra metadata such as expiration parameters ... Does that seem like a sound solution/approach to you? That may of course be vulnerable to dos attacks though, so security is a concern.
Yup looks like it is! Thanks!
Hi - a very basic question (but this is the first time we deploy a fully multi-tenant solution in azure production)
So we have tenants A, B, C (and host) in production and we want to publish client links to bypass the standard (multi-tenant) login (so they can't change tenants)
Do we configure sub-domains for each ? a.xyz.com b.xyz.com c.xyz.com Does each point to an appBaseUrl based login link with a tenant id as a parameter?
Does that seem about right? Will the appBaseUrl be sufficiently hidden (within the solution) so they can't "figure out" the main url and attempt to change tenants? How do the new tenant resolvers factor into this?
We need some urgent guidance on how to set this up correctly in Azure. Any concrete example and/or documentation is greatly appreciated
Thank you
framework : zero 12.1
Hi we are implementing a survey like function but it needs to support known and anonymous users. The feature in our solution should email an anonymous encrypted link to "other" users. This link should allow limited access to our solution (e.g. only the survey page) and expire after a system limit.
Does multi tenant zero support this configuration? Can you give us guidance on how to approach this.
Regards, github:Spiramira
Hi - sample application modules like you are starting to provide for abp.io have always been sorely needed for Zero commercial customers.
Can you craft a Zero compatible version (latest 8.8.x) for all of us old zero customers? If not, should adapting the CRM module to zero ourselves be relatively straightforward? what are some gotchas?
I have just applied for my free abp.io commerc license.
UPDATE: Bug fix was just added (and closed) in 7.2.3
I added this line to my Startup.cs as a temporary fix:
---> services.AddScoped<IaquaJwtSecurityStampHandler,aquaJwtSecurityStampHandler>();
IdentityRegistrar.Register(services);
AuthConfigurer.Configure(services, _appConfiguration);
I opened an issue #2659 in the github repo for the developers to respond to.
Hope this helps...got me going again.
I get a similar error on 7.2.2. Can't login from angular but the error is on the server side. From swagger:
curl -X GET "http://localhost:5000/api/TokenAuth/GetExternalAuthenticationProviders" -H "accept: text/plain"
After migrating from 7.0.0 on macOS and running my Web.Host locally on port 5000. 7.0.0 server runs fine.
INFO 2019-09-14 22:08:56,871 [82 ] soft.AspNetCore.Hosting.Internal.WebHost - Request starting HTTP/1.1 GET http://localhost:5000/api/TokenAuth/GetExternalAuthenticationProviders
INFO 2019-09-14 22:08:57,549 [83 ] ft.AspNetCore.Routing.EndpointMiddleware - Executing endpoint 'aqua.Web.Controllers.TokenAuthController.GetExternalAuthenticationProviders (aqua.Web.Core)'
INFO 2019-09-14 22:08:57,551 [83 ] ore.Mvc.Internal.ControllerActionInvoker - Route matched with {action = "GetExternalAuthenticationProviders", controller = "TokenAuth", area = ""}. Executing action aqua.Web.Controllers.TokenAuthController.GetExternalAuthenticationProviders (aqua.Web.Core)
ERROR 2019-09-14 22:08:57,551 [83 ] Mvc.ExceptionHandling.AbpExceptionFilter - Can't create component 'aqua.Web.Controllers.TokenAuthController' as it has dependencies to be satisfied.
'aqua.Web.Controllers.TokenAuthController' is waiting for the following dependencies:
- Service 'aqua.Web.Authentication.JwtBearer.IaquaJwtSecurityStampHandler' which was not registered.
Castle.MicroKernel.Handlers.HandlerException: Can't create component 'aqua.Web.Controllers.TokenAuthController' as it has dependencies to be satisfied.
'aqua.Web.Controllers.TokenAuthController' is waiting for the following dependencies:
- Service 'aqua.Web.Authentication.JwtBearer.IaquaJwtSecurityStampHandler' which was not registered.
at Castle.MicroKernel.Handlers.DefaultHandler.AssertNotWaitingForDependency()
at Castle.MicroKernel.Handlers.DefaultHandler.ResolveCore(CreationContext context, Boolean requiresDecommission, Boolean instanceRequired, Burden& burden)
at Castle.MicroKernel.Handlers.DefaultHandler.Resolve(CreationContext context, Boolean instanceRequired)
at Castle.MicroKernel.DefaultKernel.ResolveComponent(IHandler handler, Type service, Arguments additionalArguments, IReleasePolicy policy, Boolean ignoreParentContext)
at Castle.Windsor.MsDependencyInjection.ScopedWindsorServiceProvider.GetServiceInternal(Type serviceType, Boolean isOptional) in D:\Github\castle-windsor-ms-adapter\src\Castle.Windsor.MsDependencyInjection\ScopedWindsorServiceProvider.cs:line 55
at Microsoft.Extensions.DependencyInjection.ServiceProviderServiceExtensions.GetRequiredService(IServiceProvider provider, Type serviceType)
at Microsoft.AspNetCore.Mvc.Controllers.ServiceBasedControllerActivator.Create(ControllerContext actionContext)
at Microsoft.AspNetCore.Mvc.Controllers.ControllerFactoryProvider.<>c__DisplayClass5_0.<CreateControllerFactory>g__CreateController|0(ControllerContext controllerContext)
at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.InvokeInnerFilterAsync()
at Microsoft.AspNetCore.Mvc.Internal.ResourceInvoker.InvokeNextExceptionFilterAsync()
INFO 2019-09-14 22:08:58,322 [83 ] .Mvc.Infrastructure.ObjectResultExecutor - Executing ObjectResult, writing value of type 'Abp.Web.Models.AjaxResponse'.
INFO 2019-09-14 22:08:58,324 [83 ] ore.Mvc.Internal.ControllerActionInvoker - Executed action aqua.Web.Controllers.TokenAuthController.GetExternalAuthenticationProviders (aqua.Web.Core) in 772.8233ms
INFO 2019-09-14 22:08:58,324 [83 ] ft.AspNetCore.Routing.EndpointMiddleware - Executed endpoint 'aqua.Web.Controllers.TokenAuthController.GetExternalAuthenticationProviders (aqua.Web.Core)'
INFO 2019-09-14 22:08:58,324 [83 ] soft.AspNetCore.Hosting.Internal.WebHost - Request finished in 1453.0661ms 500 application/json; charset=utf-8
Any ideas?
Thanks.