Project

General

Profile

Bug #40051

mgr/dashboard: Dashboard login page broken; summary returns 401

Added by Nathan Fish 4 months ago. Updated 3 months ago.

Status:
Duplicate
Priority:
Normal
Assignee:
-
Category:
dashboard/usability
Target version:
Start date:
05/28/2019
Due date:
% Done:

0%

Source:
Community (user)
Tags:
Backport:
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Pull request ID:

Description

When attempting to login to a newly-configured Dashboard, using the correct password, the login page appears to refresh with no other feedback. The Firefox console shows that the POST to 'auth' works (returns 201) but then a GET to 'alertmanager-api-host' and other pages fails with 401.

Typing the wrong password says that it's a wrong password.


Related issues

Related to mgr - Bug #38428: mgr/dashboard: dashboard giving 401 unauthorized Resolved 02/22/2019
Duplicates mgr - Backport #39524: nautilus: mgr/dashboard: Can't login with a bigger time difference between user and server or make auth token work with UTC times only Resolved

History

#1 Updated by Ricardo Dias 4 months ago

@Nathan can you show us the user profile with `ceph dashboard ac-user-show <username>`?

Is this an administrator user? or does it have custom roles?

#2 Updated by Nathan Cutler 4 months ago

  • Project changed from fs to mgr
  • Category changed from Administration/Usability to dashboard/usability

#3 Updated by Nathan Fish 4 months ago

@root@m3-3101-422:~# ceph dashboard ac-user-show cscf-adm {"username": "cscf-adm", "lastUpdate": 1559086434, "name": null, "roles": ["administrator"], "password": "$2b$12$unhQ15K.sJVrZxdFNuor0.3CXgHdjfi5MmsDn0XNYeGfXFgrfLuwG", "email": null}@

I originally tried with the read-only role, but changed to admin in case that was the problem.

#4 Updated by Lenz Grimmer 4 months ago

Is this a duplicate of #38428 by any chance?

#5 Updated by Lenz Grimmer 4 months ago

  • Related to Bug #38428: mgr/dashboard: dashboard giving 401 unauthorized added

#6 Updated by Wes Dillingham 4 months ago

Also experiencing this reproducing in a test env with the following:

process:
ceph-deploy mgr create $MY_HOSTNAME
ceph mgr module enable dashboard #now running on :8080
ceph config set mgr mgr/dashboard/ssl false
ceph mgr module disable dashboard
ceph mgr module enable dashboard
ceph dashboard ac-user-create admin admin administrator
ceph mgr module disable dashboard
ceph mgr module enable dashboard
[tries to login, doesnt work: receives in ceph-mgr log:
019-06-05 13:54:41.359 7f27a3a63700 0 mgr[dashboard] frontend error (http://bignaut1:8080/#/login): Http failure response for http://bignaut1:8080/api/summary: 401 Unauthorized]

similar to above, get a warn message when using incorrect pw or username

#7 Updated by Lenz Grimmer 4 months ago

  • Subject changed from Dashboard login page broken; summary returns 401 to mgr/dashboard: Dashboard login page broken; summary returns 401

#8 Updated by Wes Dillingham 4 months ago

Just a note I tried with 14.2.0 release and cannot duplicate this behavior. Seems to be new in 14.2.1

#9 Updated by Kanika Murarka 3 months ago

For the docker based development environment, I was able to reproduce(not always) the issue by changing the timezone of docker.

docker exec -it <Docker-ID> /bin/bash
cd /etc/
ln -sf ../usr/share/zoneinfo/Canada/Pacific localtime

#10 Updated by Edward Kalk 3 months ago

"When attempting to login to a newly-configured Dashboard, using the correct password, the login page appears to refresh with no other feedback. "

I also have this same problem with a newly installed ceph-mgr-dashboard package after an upgrade from mimic.
When I login the page simply refreshes, if I use a bad password is says that the credentials were wrong.

#11 Updated by Edward Kalk 3 months ago

I used this and it worked.

Can you please try the following:

Manually apply the change posted at https://github.com/ceph/ceph/pull/27942/files to the file /usr/share/ceph/mgr/dashboard/services/access_control.py on all nodes running the dashboard
Restart the dashboard using ceph mgr module disable dashboard; ceph mgr module enable dashboard
Update the timestamp on admin's password: ceph dashboard ac-user-set-password admin <changed password>
Try to login again

#12 Updated by Patrick Seidensal 3 months ago

  • Duplicates Backport #39524: nautilus: mgr/dashboard: Can't login with a bigger time difference between user and server or make auth token work with UTC times only added

#13 Updated by Patrick Seidensal 3 months ago

  • Status changed from New to Duplicate
  • Target version changed from v14.2.1 to v14.2.2

There was an adaptation in a file missing (namely the access_control.py), but it has already been merged to the master branch and backported to nautilus (see http://tracker.ceph.com/issues/39524). This is supposed to fix that issue for the next Ceph minor release v14.2.2, as the change is already in the nautilus branch.

Also available in: Atom PDF