Warning from Abp.Authorization.AbpAuthorizationException in event viewer

In the event viewer we frequently see the following Warning message: Abp.Authorization.AbpAuthorizationException: Current user did not login to the application!

Issue Overview
 

In the event viewer we frequently see the following Warning message:

 Abp.Authorization.AbpAuthorizationException: Current user did not login to the application!

            



 

Diagnosing/Resolving the Issue
 

1.      This issue can happen in a few scenarios:

a.      It can happen when a user attempts to access any Orchestrator page besides the login page without authenticating

b.      It can happen if a Robot is trying to upload a log, but it is no longer provisioned in Orchestrator

c.       Any operation that tries to access a page in Orchestrator without being authenticated. For example, a load balancer health check could cause this issue.

2.      To help determine the root cause of the issue, check the time stamp of the log in the Event Viewer.

3.      Next open the IIS logs to see what request corresponded to the Warning message.

a.      They will be in one of the folders under C:\inetpub\logs\LogFiles. Usually it is W3SVC2.

4.      Once the logs are open, search for “302”. This is the return status of an unauthenticated login. Try and match a 302 value to the warning in the event viewer.

5.      Once the 302 message the corresponding to the event viewer warning is found, check to see what the source IP address was. It is usually the last IP address displayed.

a.      For example, see the following message:

2020-02-19 01:22:54 192.168.25.106 GET /Account/WindowsLogin ReturnUrl=%2F%3Ffid%3D1%26tid%3D1 443 - 192.168.25.97 - 302 0 0 32

b.      In this example the source IP address is 192.168.25.97

6.      If the machine is for a Robot that is no longer provisioned, then do one of the following:

a.      Uninstall the Robot

b.      Remove the UiPath.Settings Folder at %programdata%\UiPath\UiPath.Settings

7.      If the IP address corresponds to a load balancer, then check to make sure it is not caused by the load balancer health check. In easier check is to see if the warning occurs at consistent intervals.

8.      If the error is caused by a health check, try to creating a dummy file and using that for the health check.

a.      In the Orchestrator Installation folder make a file called “HealthCheck.html”

b.      The file can be blank.

c.       Map the health check to this file. The URL will be “<Orchestrator URL>/HealthCheck.html”

9.      If the machine corresponds to a user, this is not an error but the expected behavior for when they try to access Orchestrator without being authenticated.