Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

Frequent Access Denied prompts while using AWS Marketplace image

Description

Frequently authorization is being asked when using AWS Marketplace image:

What did I do: : Created AWS Marketplace instance

Got: frequent prompts to log in

Expected: to be prompted only once for authentication, until expiry of token or restart of browser

How to test

None

How to document

None

Attachments

1

Smart Checklist

Activity

Andrii Skomorokhov August 27, 2018 at 10:26 AM

Roma Novikov July 2, 2018 at 6:13 PM

I will investigate this more.

With running  http://XXX.XXX.XXX.XXX/graph/api/login/ping  it's expected because  http://docs.grafana.org/http_api/other/#login-api  it will renew session based on cookies and we use Basic Auth method.  Probably Grafana use this URL internally and needed a fix for us - "honor Basic Auth  also, not only cookies" 

Sveta Smirnova May 7, 2018 at 5:50 PM

Thank you for the details provided, verified as described.

How to repeat:

  1. Create PMM instance using AWS Marketplace

  2. Login into it, create test user

  3. Open a dashboard, make sure it is updating regularly

  4. Open one more tab in the same browser

  5. Enter http://XXX.XXX.XXX.XXX/graph/api/login/ping into URL (replace XXX.XXX.XXX.XXX with IP of your instance)

  6. Find out what dashboard stopped updating and requests for login/password

Peter Zaitsev May 7, 2018 at 12:47 PM

OK,

I have done more research in this case.     I think the problem needs to be redefined here slightly.   We're using HTTP authentication as such this means what we need to get the user  "test"  in my case being passed to all GET requests and these request are being  serviced appropriately.

As I look at NGINX log I see this:

[root@ip-172-31-34-40 nginx]# tail -f access.log | grep 401
216.54.214.22 - - [07/May/2018:12:39:33 +0000] "GET /graph/d/xnVN5Gmk/system-overview?from=now-12h&to=now&var-interval=$_auto_interval_interval&var-instances=All&var-cluster=pxc-cluster&refresh=1m&orgId=1 HTTP/1.1" 401 590 "http://18.217.152.69/graph/d/kLnVN5Giz/pxc-galera-cluster-overview?from=now-12h&to=now&var-interval=$_auto_interval_interval&var-host=pxc-ap&var-mountpoint=All&refresh=1m&orgId=1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" ""

 

Note  "401" error code (or Unauthorized) returned here which is abnormal

 

This does not initially causes Grafana to return the error or display dialog but I believe this is the initial abnormal behavior which you can see 

 

 

Peter Zaitsev May 7, 2018 at 12:11 PM

It is not instantly repeatable.

I tend to have several tabs open with auto-refresh dashboards.  Other period of time it starts to throw the unauthorized error message. 

When it starts doing it it is often pretty annoying as it would not accept the password in the form from the first try. You need to enter it several time for page to become fully functional, otherwise you get some elements of it failed with authorization error 

Done

Details

Assignee

Reporter

Priority

Components

Fix versions

Affects versions

Smart Checklist

Created May 2, 2018 at 3:56 PM
Updated October 9, 2018 at 4:55 AM
Resolved August 29, 2018 at 8:42 AM
Loading...