Open webvictim opened 3 years ago
What happens when you go to pihole.teleport.example.com/admin
?
Trying to load https://pihole.teleport.example.com/admin doesn't work either, as it redirects my browser to http://artemis/admin instead. This is also the case even if I change the app's configured uri to http://artemis too (I suspect these are both the same bug as #4546)
This is fixed as of 5.0.0-beta.9
An example, for anyone else who finds this issue.
app_service:
enabled: yes
apps:
- name: kibana
uri: "http://localhost:8080/_plugin/kibana/app/kibana"
public_addr: "kibana.teleport.example.com"
I am facing the exact same issue again on Teleport v11.2.2 git:api/v11.2.2-0-g90bde73 go1.19.5.
uri
being "http://localhost:80"
works as expected, but adding /somepath
to it, causes the browser to redirect to uri
after being authed.
The only thing I think could possibly be different, is that I run the main proxy on a port different than default 443. Perhaps this broke whatever the old fix was?
However worth noting that loading https://test.teleport.example.com/somepath
does properly load the site at /somepath
in such case. But loading root will redirect my browser to http://localhost:80/somepath
if I set the uri
to "http://localhost:80/somepath"
...
@ryanclark Do you have any insight into this issue based on your recent changes to URI handling in app access?
@webvictim here's the RFD outlining the changes - https://github.com/gravitational/teleport/blob/master/rfd/0103-application-access-web-ui-auth-flow.md
I'm not sure if this would affect things - the path should be preserved on login
What happened: I set up an app in AAP which isn't served on the root of the domain, but rather on the
/admin
URL:Loading the site directly via
curl
appears to send a redirect:Loading this site via AAP gives me the root of the domain rather than the
/admin
content:Trying to load
https://pihole.teleport.example.com/admin
doesn't work either, as it redirects my browser tohttp://artemis/admin
instead. This is also the case even if I change the app's configureduri
tohttp://artemis
too (I suspect these are both the same bug as #4546)What you expected to happen: Users should be able to proxy requests to a subdirectory via AAP, as well as a domain. https://caddyserver.com/ (which I was using before AAP) supports this:
How to reproduce it (as minimally and precisely as possible): Set up an app which needs to proxy to a subdirectory rather than just the root.
Environment
teleport version
):Teleport v5.0.0-beta.2 git:v5.0.0-beta.2-0-g412fb2062 go1.14.4