Issue authenticating with halite
alienzrcoming opened this issue · 14 comments
Hi,
I've installed & configured halite referencing the documentation, but am unable to authenticate in the ui. No error is displayed in the ui when I click 'Login' after entering my credentials, and no errors are logged in /var/log/salt/master. note: I disabled TLS for now bc I was having a separate issue with that. I've gotten this to work on earlier versions of salt (same halite configuration, tls disabled, etc..), but am revisiting halite with 2014.1.3.
Debian Wheezy / 7.4
salt --versions-report
Salt: 2014.1.3
Python: 2.7.3 (default, Mar 13 2014, 11:03:55)
Jinja2: 2.6
M2Crypto: 0.21.1
msgpack-python: 0.1.10
msgpack-pure: Not Installed
pycrypto: 2.6
PyYAML: 3.10
PyZMQ: 13.1.0
ZMQ: 3.2.3
pip freeze
CherryPy==3.3.0
GitPython==0.3.2.RC1
Jinja2==2.6
M2Crypto==0.21.1
Mako==0.7.0
MarkupSafe==0.15
PyYAML==3.10
SOAPpy==0.12.0
argparse==1.2.1
async==0.6.1
chardet==2.0.1
distribute==0.6.24dev-r0
fpconst==0.7.2
gevent==1.0
gitdb==0.5.4
greenlet==0.4.2
halite==0.1.16
medusa==0.5.4
meld3==0.6.5
msgpack-python==0.1.10
pycrypto==2.6
python-apt==0.8.8.2
python-debian==0.1.21
python-debianbts==1.11
pyzmq==13.1.0
raven==3.5.2
reportbug==6.4.4
salt==2014.1.3
smmap==0.8.2
supervisor==3.0a8
wsgiref==0.1.2
cat /etc/salt/master.d/halite.conf
halite:
level: 'debug'
server: 'cherrypy'
host: '0.0.0.0'
port: '80'
cors: False
tls: False
external_auth:
pam:
user1:
- .*
- '@runner'
- '@wheel'
Only entries in /var/log/salt/master for halite is this:
2014-04-24 13:32:13,905 [salt.master ][INFO ] Halite: Starting up ...
Any ideas on what I could be missing?
Thanks in advance
@alienzrcoming I've usually seen those kinds of errors when my server and salt-master need a restart.
thank you @pass-by-value yeah, i've restarted salt-master a few times just to make sure. forgot to mention that
Cool, I just wanted to make sure. Could you look under console and network and let me know if you see any errors / pending requests? Thanks!
sure, i'm not too familiar with the ui, but i've clicked around under the console area and nothing really happens. some stuff is grayed out, some buttons dont seem to respond with anything, but i'm guessing all that is because I haven't been able to authenticate. i dont see anything with the word 'network', so I'm not sure where to click for that. in case this helps, here is a screenshot of what i see http://i.imgur.com/NbMhuK3.png thanks again
My bad @alienzrcoming I should've been more clear. I wanted to know if you see anything under the Developer Console (Chrome, FF, etc).
You can open the developer console by Right Clicking on your browser and then selecting Inspect Element. I have posted a screenshot of Google Chrome browser that highlights relevant parts. Those should give us more information on what might be wrong.
ahhh ok, that makes sense. i'll collect the info and report back.
Any luck with this @alienzrcoming ?
hi, sorry for the delay on this. here is a screenshot of the console network tab when loading the main page: http://imgur.com/nfKPwDW and here is one after a login attempt: http://imgur.com/xfqPRJL neither had errors that i could see. my master is now running 2014.1.4 lmk if there is any other info i can pass along. thanks again
Thanks for that info @alienzrcoming
Per your second screenshot it looks like the login request is submitted, but it is in the pending state.
There might be some more diagnostic information in the Salt Master logs (/var/log/salt/master).
So once you submit this request you should see these two lines (and some other stuff) printed in the log file
2014-05-09 11:02:01,230 [salt.master ][INFO ] Clear payload received with command mk_token
2014-05-09 11:02:01,638 [salt.master ][INFO ] Clear payload received with command get_tokenThere might also be some error shown in the logs that will help with identifying the source of the problem.
Hi @pass-by-value , i got the simillar error as @alienzrcoming,The log message in the /var/log/salt/master has 3 lines as follows:
2014-05-10 01:09:44,300 [salt.master ][INFO ] Clear payload received with command get_token
2014-05-10 01:09:45,186 [salt.master ][INFO ] Clear payload received with command runner
2014-05-10 01:09:45,187 [salt.master ][WARNING ] Authentication failure of type "token" occurred for user admin
,the http://127.0.0.1:9015/login request is 200 ok and return the correct result, while the "POST http://127.0.0.1:9015/run" request return 400 (Bad Request)
{"error": "TokenAuthenticationError('Authentication failure of type \"token\" occurred for user admin.',)"}
waiting for your help, thank you
Note:my config in master file as follows:
external_auth:
pam:
admin:
grains.*
status.*
sys.*
test.*
cp_bakfile.*
ipt_config.*
- .*
- '@runner'
- '@wheel'
halite:
level: 'debug'
server: 'cherrypy'
host: '0.0.0.0'
port: '9015'
cors: False
tls: True
certpath: '/etc/pki/tls/certs/localhost.crt'
keypath: '/etc/pki/tls/private/localhost_nopass.key'
pempath: '/etc/pki/tls/cert.pem'
and salt-master version is salt-master 2014.1.3, salt-api version is 0.1.16 (2014-04-07)
@liyj144 You might wanna change the config to be something similar to
external_auth:
pam:
admin:
- grains.*
- status.*
- sys.*
- test.*
- cp_bakfile.*
- ipt_config.*
- '@runner'
- '@wheel'Once you make that change please restart the salt master so that your server is restarted.
Thanks so much.I change my config file as you write and it runs well now.So greate you are! Thank you~
@liyj144 Good to know that it works for you. Thanks!
Gonna keep this open as the issue reported by @alienzrcoming is still unresolved.
This repo is deprecated and archived. Therefore, this issue is now closed. Thank you.