Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

UI always redirects to login page #2055

Open
FedeSantillo opened this issue Jan 28, 2025 · 1 comment
Open

UI always redirects to login page #2055

FedeSantillo opened this issue Jan 28, 2025 · 1 comment

Comments

@FedeSantillo
Copy link

FedeSantillo commented Jan 28, 2025
edited
Loading

Hello,
When I try to login to the ui, I always get redirected to the login page even though there is no error message displayed and in the logs I can see 200 response.

[Status: 200] [Ip: /127.0.0.6] [User: k-s-root-svc-dev]
2025-01-28 07:21:10,640 INFO  pGroup-1-7 org.akhq.log.access        [Date: 2025-01-28T07:21:10.640128Z] [Duration: 0 ms] [Url: GET /ui/login] [Status: 200] [Ip: /127.0.0.6] [User: k-s-root-svc-dev]
2025-01-28 07:21:10,699 INFO  r-thread-2 org.akhq.log.access        [Date: 2025-01-28T07:21:10.697447Z] [Duration: 2 ms] [Url: GET /api/me] [Status: 200] [Ip: /127.0.0.6] [User: k-s-root-svc-dev]
2025-01-28 07:21:10,705 INFO  r-thread-2 org.akhq.log.access        [Date: 2025-01-28T07:21:10.703102Z] [Duration: 2 ms] [Url: GET /api/auths] [Status: 200] [Ip: /127.0.0.6] [User: k-s-root-svc-dev]
2025-01-28 07:21:10,776 INFO  r-thread-2 org.akhq.log.access        [Date: 2025-01-28T07:21:10.773469Z] [Duration: 3 ms] [Url: GET /api/cluster] [Status: 200] [Ip: /127.0.0.6] [User: k-s-root-svc-dev]
2025-01-28 07:21:10,807 INFO  pGroup-1-9 org.akhq.log.access        [Date: 2025-01-28T07:21:10.807606Z] [Duration: 0 ms] [Url: GET /ui/ui/static/media/icon.383e5fd93919da4ccf1b1d78c73ab176.svg] [Status: 200] [Ip: /127.0.0.6] [User: k-s-root-svc-dev]
2025-01-28 07:21:10,812 INFO  r-thread-2 org.akhq.log.access        [Date: 2025-01-28T07:21:10.810581Z] [Duration: 1 ms] [Url: GET /api/cluster] [Status: 200] [Ip: /127.0.0.6] [User: k-s-root-svc-dev]

I use helm chart for version 0.24.0 and this is my configuration yaml:

      akhq:
        server:
          access-log:
            enabled: true
            name: org.akhq.log.access
        connections:
          cluster: 
            properties:
              bootstrap.servers: "kafka-secret-kafka-0.kafka-secret-kafka-headless:9092;kafka-secret-kafka-1.kafka-secret-kafka-headless:9092;kafka-secret-kafka-2.kafka-secret-kafka-headless:9092"
              security.protocol: SASL_PLAINTEXT
              sasl.jaas.config: org.apache.kafka.common.security.plain.PlainLoginModule required username="KAFKA-S-ROOT DEV SVC" password= password
              sasl.mechanism: PLAIN 
        security:
          default-group: no-roles
          groups:
          ldap:
            groups:
              - name: KAFKA-S-ADMIN-DEV
                groups:           
                   -  admin
      logger:
        levels:
          io.micronaut.configuration.security.ldap: DEBUG
      micronaut:
        security:
          enabled: true
          ldap:
            default:
              enabled: true
              context:
                server: 'ldaps://ldapserver:636'
                managerDn: 'cn=KAFKA-S-ROOT DEV SVC,OU=DEV-KAFKA-S,OU=***,OU=***,DC=***,DC=COM'
                managerPassword: managerPassword
              search:
                base: "OU=DEV-KAFKA-S,OU=ESB,OU=***,DC=***,DC=COM"
                filter: "(sAMAccountName={0})"
              groups:
                enabled: true
                base: "CN=KAFKA-S-ADMIN-DEV,OU=DEV-KAFKA-S,OU=****,OU=*****,DC=*****,DC=COM"
                filter: "(member={0})"
          token:
            jwt:
              signatures:
                secret:
                  generator:
                    secret: secret

Can you help me to identify where is the error? Thank you.
@github-project-automation github-project-automation bot moved this to Backlog in Backlog Jan 28, 2025
@FedeSantillo
Copy link
Author

Update:

I added the groups and roles definition as suggested here but still I have the same issue. When enabling the debug logs for authentication I see the following error traces.

2025-01-28 11:57:48,532 DEBUG r-thread-1 LdapAuthenticationProvider Successfully bound user [CN=KAFKA-S-ROOT DEV SVC,OU=DEV-KAFKA-S,OU=***,OU=***,DC=***,DC=COM]. Attempting to retrieving groups. 2025-01-28 11:57:48,534 DEBUG r-thread-1 .DefaultLdapGroupProcessor No groups found! 2025-01-28T15:57:48.534412191+04:00 2025-01-28 11:57:48,534 DEBUG r-thread-1 .DefaultLdapGroupProcessor Attempting to add any additional groups... 2025-01-28 11:57:48,534 DEBUG r-thread-1 LdapAuthenticationProvider Group search returned [[]] for user [k-s-root-svc-dev] 2025-01-28T15:57:48.534557189+04:00 2025-01-28 11:57:48,534 TRACE r-thread-1 LdapAuthenticationProvider Attempting to map [k-s-root-svc-dev] with groups [[]] to an authentication response.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
Backlog
Status: Backlog
Milestone
No milestone
Development

No branches or pull requests
1 participant
@FedeSantillo