Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Basic auth: Logout returns HTTP 404 #4127

Closed
4 tasks done
dev-pasa opened this issue Aug 16, 2023 · 6 comments · Fixed by #4135
Closed
4 tasks done

Basic auth: Logout returns HTTP 404 #4127

dev-pasa opened this issue Aug 16, 2023 · 6 comments · Fixed by #4135
Assignees
@Haarolean
Labels
area/auth scope/backend status/accepted An issue which has passed triage and has been accepted status/confirmed A bug which actuality is confirmed type/bug Something isn't working
Milestone
0.7.2

Comments

@dev-pasa
Copy link

dev-pasa commented Aug 16, 2023
edited
Loading

Issue submitter TODO list

  • I've looked up my issue in FAQ
  • I've searched for an already existing issues here
  • I've tried running master-labeled docker image and the issue still persists there
  • I'm running a supported version of the application which is listed here

Describe the bug (actual behavior)

The logout button returns a 404.

uri + /auth?logout seems to work but not uri + /logout

logoutSuccessHandler.setLogoutSuccessUrl(URI.create(LOGOUT_URL));

public static final String LOGIN_URL = "/auth";
public static final String LOGOUT_URL = "/auth?logout";

UserInfo.tsx to reflect /auth?logout

  <DropdownItem href={`${window.basePath}/logout`}>
    <S.LogoutLink>Log out</S.LogoutLink>
  </DropdownItem>
</Dropdown>

) : null;

Expected behavior

uri + /logout should logout the user

Your installation details

version: 0.7.1 (latest)

Steps to reproduce

logout user after dropdown logout button is clicked under user

Screenshots

No response

Logs

org.springframework.web.server.ResponseStatusException: 404 NOT_FOUND
org.springframework.web.reactive.resource.ResourceWebHandler.lambda$handle$1(ResourceWebHandler.java:406)
Suppressed: The stacktrace has been enhanced by Reactor, refer to additional information below:
Error has been observed at the following site(s):
com.provectus.kafka.ui.config.CorsGlobalConfiguration$$Lambda$1016/0x000000801637118 [DefaultWebFilterChain]
com.provectus.kafka.ui.config.CustomWebFilter [DefaultWebFilterChain]
com.provectus.kafka.ui.config.ReadOnlyModeFilter [DefaultWebFilterChain]
AuthorizationWebFilter [DefaultWebFilterChain]
ExceptionTranslationWebFilter [DefaultWebFilterChain]
LogoutWebFilter [DefaultWebFilterChain]
ServerRequestCacheWebFilter [DefaultWebFilterChain]
SecurityContextServerWebExchangeWebFilter [DefaultWebFilterChain]
AuthenticationWebFilter [DefaultWebFilterChain]
ReactorContextWebFilter [DefaultWebFilterChain]
HttpHeaderWriterWebFilter [DefaultWebFilterChain]
ServerWebExchangeReactorContextWebFilter [DefaultWebFilterChain]
org.springframework.security.web.server.WebFilterChainProxy [DefaultWebFlterChain]
org.springframework.web.filter.reactive.ServerHttpObservationFilter [DefultWebFilterChain]
HTTP GET "/logout" [ExceptionHandlingWebHandler]
Original Stack Trace:
org.springframework.web.reactive.resource.ResourceWebHandler.lambda$handle$1(ResourceWebHandler.java:406)
reactor.core.publisher.MonoDefer.subscribe(MonoDefer.java:44)
reactor.core.publisher.Mono.subscribe(Mono.java:4485)
reactor.core.publisher.FluxSwitchIfEmpty$SwitchIfEmptySubscriber.onComplete(FluxSwitchIfEmpty.java:82)
reactor.core.publisher.MonoFlatMap$FlatMapMain.onComplete(MonoFlatMap.java:189)
reactor.core.publisher.MonoNext$NextSubscriber.onComplete(MonoNext.java:102)
reactor.core.publisher.FluxConcatMapNoPrefetch$FluxConcatMapNoPrefetchSubscriber.onComplete(FluxConcatMapNoPrefetch.java:240)
reactor.core.publisher.FluxIterable$IterableSubscription.slowPath(FluxIterable.java:357)
reactor.core.publisher.FluxIterable$IterableSubscription.request(FluxIterable.java:294)

Additional context

The previous version worked for logout, but not version: 0.7.1 (latest)
@dev-pasa dev-pasa added status/triage Issues pending maintainers triage type/bug Something isn't working labels Aug 16, 2023
@github-actions
Copy link

Hello there dev-pasa! 👋

Thank you and congratulations 🎉 for opening your very first issue in this project! 💖

In case you want to claim this issue, please comment down below! We will try to get back to you as soon as we can. 👀

@dev-pasa
Copy link
Author

Please look into AbstractAuthSecurityConfig.java?

protected static final String[] AUTH_WHITELIST = {
"/css/",
"/js/",
"/media/",
"/resources/",
"/actuator/health/",
"/actuator/info",
"/actuator/prometheus",
"/auth",
"/login",
"/logout",
"/oauth2/",
"/static/**"
};

}

@Haarolean
Copy link
Contributor

Hi, please provide your config leaving out authentication secrets

@Haarolean Haarolean added status/pending Further information is requested and removed status/triage Issues pending maintainers triage labels Aug 17, 2023
@dev-pasa
Copy link
Author

dev-pasa commented Aug 17, 2023
edited
Loading

kafka:
clusters:
- name: VM-SandBox
bootstrapServers: xxxxx.com:9092
zookeeper: xxxxx.com:2181
schemaRegistry: http://xxxxx:8080
ksqldbServer: http://localhost:8088
kafkaConnect:
- name: first
address: http://xxxxx:8440
metrics:
port: 9997
type: JMX
- name: VM-PreProd
bootstrapServers: xxxxx:9093
properties:
security.protocol: SSL
ssl.keystore.location: ${SSL_KEYSTORE_LOCATION}
ssl.keystore.password: ${SSL_KEYSTORE_PASSWORD}
ssl.truststore.location: ${SSL_TRUSTSTORE_LOCATION}
ssl.truststore.password: ${SSL_TRUSTSTORE_PASSWORD}
ssl.key.password: ${SSL_KEY_PASSWORD}
zookeeper: xxxxx.com:2181
schemaRegistry: http://xxxxx:8080
ksqldbServer: http://localhost:8088
kafkaConnect:
- name: first
address: xxxxx:8443
keystoreLocation: ${SSL_KEYSTORE_LOCATION}
keystorePassword: ${SSL_KEYSTORE_PASSWORD}
metrics:
port: 9997
type: JMX
- name: VM-Prod
bootstrapServers: xxxxx:9093
properties:
security.protocol: SSL
ssl.keystore.location: ${SSL_KEYSTORE_LOCATION}
ssl.keystore.password: ${SSL_KEYSTORE_PASSWORD}
ssl.truststore.location: ${SSL_TRUSTSTORE_LOCATION}
ssl.truststore.password: ${SSL_TRUSTSTORE_PASSWORD}
ssl.key.password: ${SSL_KEY_PASSWORD}
zookeeper: *****:2181
schemaRegistry: http://xxxxx:8080
ksqldbServer: http://localhost:8088
kafkaConnect:
- name: first
address: https://xxxxx:8443
keystoreLocation: ${SSL_KEYSTORE_LOCATION}
keystorePassword: ${SSL_KEYSTORE_PASSWORD}
metrics:
port: 9997
type: JMX

dynamic:
config:
enabled: true

spring:
jmx:
enabled: true
security:
user:
name: admin
password: ${SECURITY_USER_PASSWORD}

auth:
type: "LOGIN_FORM"

server:
port: 8080 #- Port in which kafka-ui will run.

@Haarolean Haarolean added scope/backend status/accepted An issue which has passed triage and has been accepted status/confirmed A bug which actuality is confirmed and removed status/pending Further information is requested labels Aug 18, 2023
@Haarolean Haarolean self-assigned this Aug 18, 2023
@Haarolean Haarolean added this to the 0.7.2 milestone Aug 18, 2023
@Haarolean Haarolean mentioned this issue Aug 18, 2023
Merged
13 tasks
@Haarolean Haarolean changed the title Logout returning 404 Basic auth: Logout returns HTTP 404 Aug 18, 2023
@Haarolean
Copy link
Contributor

@dev-pasa thank you, fixed

@dev-pasa
Copy link
Author

@Haarolean Thanks a lot

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Haarolean Haarolean

Labels
area/auth scope/backend status/accepted An issue which has passed triage and has been accepted status/confirmed A bug which actuality is confirmed type/bug Something isn't working
Projects
None yet
Milestone
0.7.2
Development

Successfully merging a pull request may close this issue.

BE: Use HTTP GET for basic auth provectus/kafka-ui
2 participants
@Haarolean @dev-pasa