profile
viewpoint

Ask questionsCannot login to Concourse Web using Firefox

Bug Report

When using Firefox, a login is not possible since the cookie cannot be set.

Steps to Reproduce

  1. Deploy Concourse v4.2.3 (HTTPS enabled)
  2. Use Firefox 65.0.2 to access the Concourse WEB UI
  3. Login to concourse (tested with a local user and LDAP user)

(please include any pipelines/tasks using https://gist.github.com)

Expected Results

I expect to be successfully logged into concourse

Actual Results

After entering the username/password and submitting this page, a blank page is shown.

Additional Context

Logs in atc show that the login is successful. However, the error says that a cookie cannot be set.

/var/vcap/sys/log/atc/atc.stdout.log:

{"timestamp":"1551778162.090207577","source":"atc","message":"atc.dex.event","log_level":1,"data":{"fields":{},"message":"garbage collection run, delete auth requests=1, auth codes=0","session":"5"}}
{"timestamp":"1551781379.318979025","source":"atc","message":"atc.dex.event","log_level":1,"data":{"fields":{"connector":"LDAP"},"message":"performing ldap search DC=<....>","session":"5"}}
{"timestamp":"1551781379.320216894","source":"atc","message":"atc.dex.event","log_level":1,"data":{"fields":{"connector":"LDAP"},"message":"username \"<username>\" mapped to entry CN=<....>","session":"5"}}
{"timestamp":"1551781379.324945211","source":"atc","message":"atc.dex.event","log_level":1,"data":{"fields":{},"message":"login successful: connector \"ldap\", username=\"<username>\", email=\"<email>\", groups=[]","session":"5"}}
{"timestamp":"1551781379.332607746","source":"atc","message":"atc.sky.callback.failed-to-fetch-cookie-state","log_level":2,"data":{"error":"http: named cookie not present","session":"4.25"}}

This occurs only using firefox. It works well in chrome. I also checked if cookies are disabled in firefox but didn't find anything. I explicitly allowed cookies for this domain and tried to turn off all security features that could be related to that.

Version Info

  • Concourse version: 4.2.3
  • Deployment type (BOSH/Docker/binary): BOSH
  • Infrastructure/IaaS: vsphere
  • Browser (if applicable): Firefox 65.0.2 It also works with latest Chrome version 72.0.3626.121
  • Did this used to work? Yes
concourse/concourse

Answer questions ramonskie

don't know it this is relevant. but when i upgraded from 4.x to 5.x i received 400 error when loggin in with fly the login url was https://mydomain.com/sky/login?redirect_uri=http://127.0.0.1:39599/auth/callback but the new 5.x way of loggin in is via https://mydomain.com/login?fly_port=57566

this seem to be related due to the fly versions fly 4.x is the redirect_uri and 5.x uses login?fly_port

you think with a simple fly sync it would solve the problem but as you are on fly 4.x you can't because if you want to sync you need to login..

the workarround is use the https://mydomain.com/login?fly_port=57566 copy the token and login and sync your fly binary

useful!
source:https://uonfu.com/
answerer
Ramon Makkelie ramonskie @starkandwayne The Netherlands Love working with, and trying out new OpenSource projects
Github User Rank List