Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Basic auth: Logout returns HTTP 404 #4127

Closed
4 tasks done
dev-pasa opened this issue Aug 16, 2023 · 6 comments · Fixed by #4135
Closed
4 tasks done

Basic auth: Logout returns HTTP 404 #4127

dev-pasa opened this issue Aug 16, 2023 · 6 comments · Fixed by #4135
Assignees
@Haarolean
Labels
area/auth scope/backend status/accepted An issue which has passed triage and has been accepted status/confirmed A bug which actuality is confirmed type/bug Something isn't working
Milestone
0.7.2

Comments

@dev-pasa
Copy link

dev-pasa commented Aug 16, 2023
edited
Loading

Issue submitter TODO list

  • I've looked up my issue in FAQ
  • I've searched for an already existing issues here
  • I've tried running master-labeled docker image and the issue still persists there
  • I'm running a supported version of the application which is listed here

Describe the bug (actual behavior)

The logout button returns a 404.

uri + /auth?logout seems to work but not uri + /logout

logoutSuccessHandler.setLogoutSuccessUrl(URI.create(LOGOUT_URL));

public static final String LOGIN_URL = "/auth";
public static final String LOGOUT_URL = "/auth?logout";

UserInfo.tsx to reflect /auth?logout

  <DropdownItem href={`${window.basePath}/logout`}>
    <S.LogoutLink>Log out</S.LogoutLink>
  </DropdownItem>
</Dropdown>

) : null;

Expected behavior

uri + /logout should logout the user

Your installation details

version: 0.7.1 (latest)

Steps to reproduce

logout user after dropdown logout button is clicked under user

Screenshots

No response

Logs

org.springframework.web.server.ResponseStatusException: 404 NOT_FOUND
org.springframework.web.reactive.resource.ResourceWebHandler.lambda$handle$1(ResourceWebHandler.java:406)
Suppressed: The stacktrace has been enhanced by Reactor, refer to additional information below:
Error has been observed at the following site(s):
com.provectus.kafka.ui.config.CorsGlobalConfiguration$$Lambda$1016/0x000000801637118 [DefaultWebFilterChain]
com.provectus.kafka.ui.config.CustomWebFilter [DefaultWebFilterChain]
com.provectus.kafka.ui.config.ReadOnlyModeFilter [DefaultWebFilterChain]
AuthorizationWebFilter [DefaultWebFilterChain]
ExceptionTranslationWebFilter [DefaultWebFilterChain]
LogoutWebFilter [DefaultWebFilterChain]
ServerRequestCacheWebFilter [DefaultWebFilterChain]
SecurityContextServerWebExchangeWebFilter [DefaultWebFilterChain]
AuthenticationWebFilter [DefaultWebFilterChain]
ReactorContextWebFilter [DefaultWebFilterChain]
HttpHeaderWriterWebFilter [DefaultWebFilterChain]
ServerWebExchangeReactorContextWebFilter [DefaultWebFilterChain]
org.springframework.security.web.server.WebFilterChainProxy [DefaultWebFlterChain]
org.springframework.web.filter.reactive.ServerHttpObservationFilter [DefultWebFilterChain]
HTTP GET "/logout" [ExceptionHandlingWebHandler]
Original Stack Trace:
org.springframework.web.reactive.resource.ResourceWebHandler.lambda$handle$1(ResourceWebHandler.java:406)
reactor.core.publisher.MonoDefer.subscribe(MonoDefer.java:44)
reactor.core.publisher.Mono.subscribe(Mono.java:4485)
reactor.core.publisher.FluxSwitchIfEmpty$SwitchIfEmptySubscriber.onComplete(FluxSwitchIfEmpty.java:82)
reactor.core.publisher.MonoFlatMap$FlatMapMain.onComplete(MonoFlatMap.java:189)
reactor.core.publisher.MonoNext$NextSubscriber.onComplete(MonoNext.java:102)
reactor.core.publisher.FluxConcatMapNoPrefetch$FluxConcatMapNoPrefetchSubscriber.onComplete(FluxConcatMapNoPrefetch.java:240)
reactor.core.publisher.FluxIterable$IterableSubscription.slowPath(FluxIterable.java:357)
reactor.core.publisher.FluxIterable$IterableSubscription.request(FluxIterable.java:294)

Additional context

The previous version worked for logout, but not version: 0.7.1 (latest)
@dev-pasa dev-pasa added status/triage Issues pending maintainers triage type/bug Something isn't working labels Aug 16, 2023
@github-actions
Copy link

Hello there dev-pasa! 👋

Thank you and congratulations 🎉 for opening your very first issue in this project! 💖

In case you want to claim this issue, please comment down below! We will try to get back to you as soon as we can. 👀

@dev-pasa
Copy link
Author

Please look into AbstractAuthSecurityConfig.java?

protected static final String[] AUTH_WHITELIST = {
"/css/",
"/js/",
"/media/",
"/resources/",
"/actuator/health/",
"/actuator/info",
"/actuator/prometheus",
"/auth",
"/#",
"/logout",
"/oauth2/",
"/static/**"
};

}

@Haarolean
Copy link
Contributor

Hi, please provide your config leaving out authentication secrets

@Haarolean Haarolean added status/pending Further information is requested and removed status/triage Issues pending maintainers triage labels Aug 17, 2023
@dev-pasa
Copy link
Author

dev-pasa commented Aug 17, 2023
edited
Loading

kafka:
clusters:
- name: VM-SandBox
bootstrapServers: xxxxx.com:9092
zookeeper: xxxxx.com:2181
schemaRegistry: http://xxxxx:8080
ksqldbServer: http://localhost:8088
kafkaConnect:
- name: first
address: http://xxxxx:8440
metrics:
port: 9997
type: JMX
- name: VM-PreProd
bootstrapServers: xxxxx:9093
properties:
security.protocol: SSL
ssl.keystore.location: ${SSL_KEYSTORE_LOCATION}
ssl.keystore.password: ${SSL_KEYSTORE_PASSWORD}
ssl.truststore.location: ${SSL_TRUSTSTORE_LOCATION}
ssl.truststore.password: ${SSL_TRUSTSTORE_PASSWORD}
ssl.key.password: ${SSL_KEY_PASSWORD}
zookeeper: xxxxx.com:2181
schemaRegistry: http://xxxxx:8080
ksqldbServer: http://localhost:8088
kafkaConnect:
- name: first
address: xxxxx:8443
keystoreLocation: ${SSL_KEYSTORE_LOCATION}
keystorePassword: ${SSL_KEYSTORE_PASSWORD}
metrics:
port: 9997
type: JMX
- name: VM-Prod
bootstrapServers: xxxxx:9093
properties:
security.protocol: SSL
ssl.keystore.location: ${SSL_KEYSTORE_LOCATION}
ssl.keystore.password: ${SSL_KEYSTORE_PASSWORD}
ssl.truststore.location: ${SSL_TRUSTSTORE_LOCATION}
ssl.truststore.password: ${SSL_TRUSTSTORE_PASSWORD}
ssl.key.password: ${SSL_KEY_PASSWORD}
zookeeper: *****:2181
schemaRegistry: http://xxxxx:8080
ksqldbServer: http://localhost:8088
kafkaConnect:
- name: first
address: https://xxxxx:8443
keystoreLocation: ${SSL_KEYSTORE_LOCATION}
keystorePassword: ${SSL_KEYSTORE_PASSWORD}
metrics:
port: 9997
type: JMX

dynamic:
config:
enabled: true

spring:
jmx:
enabled: true
security:
user:
name: admin
password: ${SECURITY_USER_PASSWORD}

auth:
type: "LOGIN_FORM"

server:
port: 8080 #- Port in which kafka-ui will run.

@Haarolean Haarolean added scope/backend status/accepted An issue which has passed triage and has been accepted status/confirmed A bug which actuality is confirmed and removed status/pending Further information is requested labels Aug 18, 2023
@Haarolean Haarolean self-assigned this Aug 18, 2023
@Haarolean Haarolean added this to the 0.7.2 milestone Aug 18, 2023
@Haarolean Haarolean mentioned this issue Aug 18, 2023
Merged
13 tasks
@Haarolean Haarolean changed the title Logout returning 404 Basic auth: Logout returns HTTP 404 Aug 18, 2023
@Haarolean
Copy link
Contributor

@dev-pasa thank you, fixed

@dev-pasa
Copy link
Author

@Haarolean Thanks a lot

# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees

@Haarolean Haarolean

Labels
area/auth scope/backend status/accepted An issue which has passed triage and has been accepted status/confirmed A bug which actuality is confirmed type/bug Something isn't working
Projects
None yet
Milestone
0.7.2
Development

Successfully merging a pull request may close this issue.

BE: Use HTTP GET for basic auth provectus/kafka-ui
2 participants
@Haarolean @dev-pasa