Skip to content

SAML - Authentication pop up always show 404 on HA Rancher installs #31163

New issue
New issue
Closed
Closed
SAML - Authentication pop up always show 404 on HA Rancher installs#31163
Assignees
ronhorton
Labels
area/authenticationkind/bug-qaIssues that have not yet hit a real release. Bugs introduced by a new feature or enhancementpriority/1release-noteNote this issue in the milestone's release notesstatus/release-note-addedteam/area3
Milestone
v2.7.7
@izaac

Description

@izaac
izaac
opened on Feb 5, 2021

What kind of request is this:
Bug

Steps to reproduce:

Only reproduces on HA setups

  • Install Rancher HA RKE
  • As admin go and try to enable a SAML based auth. I used Okta and Keycloak
  • After entering the correct credentials the popup should redirect to Rancher and self close it.

Result:

Instead the pop up shows a 404 Page Not Found

Screen Shot 2021-02-05 at 10 20 11 AM

Other details that may be helpful:

This is only reproducible in HA, Single Docker install works.

Not much info in logs

2021/02/05 17:05:03 [TRACE] REST GET apis/management.cattle.io/v3//tokens/token-rmlwj
2021/02/05 17:05:03 [DEBUG] Triggering auth refresh on user-855c9
2021/02/05 17:05:03 [DEBUG] Skipping refresh for user-855c9 due to max-age
2021/02/05 17:05:03 [TRACE] GET: 9.215187ms, authconfigs
2021/02/05 17:05:07 [DEBUG] Wrote ping
2021/02/05 17:05:07 [DEBUG] Wrote ping
2021/02/05 17:05:07 [DEBUG] Wrote ping
2021/02/05 17:05:07 [DEBUG] Wrote ping
2021/02/05 17:05:08 [DEBUG] Wrote ping
2021/02/05 17:05:08 [DEBUG] Wrote ping
2021/02/05 17:05:11 [TRACE] REST GET apis/management.cattle.io/v3//tokens/token-rmlwj
2021/02/05 17:05:11 [DEBUG] Triggering auth refresh on user-855c9
2021/02/05 17:05:11 [DEBUG] Skipping refresh for user-855c9 due to max-age
2021/02/05 17:05:11 [TRACE] GET: 25.752975ms, authconfigs
2021/02/05 17:05:11 [TRACE] REST UPDATE api//v1/cattle-global-data/secrets/keycloakconfig-spkey
2021/02/05 17:05:11 [TRACE] GET: 13.81793ms, authconfigs
2021/02/05 17:05:11 [TRACE] GET: 15.836876ms, authconfigs
2021/02/05 17:05:11 [TRACE] REST GET apis/management.cattle.io/v3//tokens/token-rmlwj
2021/02/05 17:05:11 [DEBUG] Triggering auth refresh on user-855c9
2021/02/05 17:05:11 [DEBUG] Skipping refresh for user-855c9 due to max-age
2021/02/05 17:05:11 [TRACE] GET: 3.488143ms, authconfigs
2021/02/05 17:05:11 [TRACE] REST GET apis/management.cattle.io/v3//authconfigs/keycloak
2021/02/05 17:05:11 [TRACE] REST GET api//v1/cattle-global-data/secrets/keycloakconfig-spkey
2021/02/05 17:05:12 [DEBUG] Wrote ping
2021/02/05 17:05:12 [DEBUG] Wrote ping
2021/02/05 17:05:12 [TRACE] REST GET apis/management.cattle.io/v3//tokens/token-rmlwj
2021/02/05 17:05:12 [DEBUG] Triggering auth refresh on user-855c9
2021/02/05 17:05:12 [DEBUG] Skipping refresh for user-855c9 due to max-age
2021/02/05 17:05:12 [DEBUG] Wrote ping
2021/02/05 17:05:12 [DEBUG] Wrote ping
2021/02/05 17:05:13 [DEBUG] Wrote ping
2021/02/05 17:05:13 [DEBUG] Wrote ping
2021/02/05 17:05:13 [TRACE] REST LIST api//v1//componentstatuses

Environment information

  • Rancher version:
  • Installation option: HA

Metadata

Metadata

Assignees

Labels

area/authenticationkind/bug-qaIssues that have not yet hit a real release. Bugs introduced by a new feature or enhancementpriority/1release-noteNote this issue in the milestone's release notesstatus/release-note-addedteam/area3

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions