search

gravitee-io / issues

Gravitee.io - API Platform - Issues
64 stars 26 forks source link

Unable to login to gravitee Access Management UI #989

Closed AhmedFaraz09 closed 6 years ago

AhmedFaraz09 commented 6 years ago

I followed the installation guides for both access managment Gateway and Administration UI but when ever I try login with user:admin password: adminadmin, My browser redirects to the url http://localhost:4200/oauth/callback#access_token=7c19c6ef-1914-48e8-b9e5-1d8366939373&token_type=bearer&expires_in=6719&id_token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJhZG1pbiIsImF1ZCI6ImFkbWluIiwiaXN and I get following exceptions at 


16:49:31.256 [sync-1] [admin] INFO  i.g.a.g.j.h.s.SecurityDomainHandlerCollection - Security domain admin has been been published on path /admin

16:52:07.343 [graviteeam-listener-23] [] INFO  i.g.a.g.h.o.p.s.ClientBasedAuthenticationProvider - Unable to authenticate user admin with provider 27f87052-b4e9-48c7-b870-52b4e928c715
org.springframework.security.authentication.BadCredentialsException: Bad getCredentials
    at io.gravitee.am.identityprovider.inline.authentication.InlineAuthenticationProvider.loadUserByUsername(InlineAuthenticationProvider.java:82)
    at io.gravitee.am.gateway.handler.oauth2.provider.security.ClientBasedAuthenticationProvider.authenticate(ClientBasedAuthenticationProvider.java:86)
    at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:156)
    at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:177)
    at org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter.attemptAuthentication(UsernamePasswordAuthenticationFilter.java:92)
    at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:211)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
    at io.gravitee.am.gateway.handler.oauth2.filter.CORSFilter.doFilter(CORSFilter.java:42)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
    at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:110)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
    at org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:105)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
    at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:57)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
    at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
    at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:50)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
    at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192)
    at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160)
    at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
    at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262)
    at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1699)
    at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:582)
    at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:224)
    at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1180)
    at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:512)
    at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
    at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1112)
    at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
    at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:213)
    at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:134)
    at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:134)
    at org.eclipse.jetty.server.Server.handle(Server.java:534)
    at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:320)
    at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:251)
    at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:273)
    at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:95)
    at org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:93)
    at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.executeProduceConsume(ExecuteProduceConsume.java:303)
    at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceConsume(ExecuteProduceConsume.java:148)
    at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:136)
    at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:671)
    at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:589)
    at java.lang.Thread.run(Thread.java:748)

Constants,json

{
  "portalTitle": "Access Management",
  "baseURL": "http://localhost:8092/management",
  "authentication": {
    "oauth2": {
      "authorize": "http://localhost:8092/admin/oauth/authorize",
      "userInfo": "http://localhost:8092/admin/userinfo",
      "clientId": "admin",
      "redirectUri": "http://localhost:4200/oauth/callback",
      "logoutUri": "http://localhost:8092/admin/logout?target_url=http://localhost:4200/logout/callback"
    }
  }
}

Config/gravitee.yml


# HTTP Server
#jetty:
#  port: 8092
#  idleTimeout: 30000
#  acceptors: -1
#  selectors: -1
#  pool:
#    minThreads: 10
#    maxThreads: 200
#    idleTimeout: 60000
#    queueSize: 6000
#  jmx: false
#  statistics: false
#  accesslog:
#    enabled: true
#    path: ${gravitee.home}/logs/gravitee_accesslog_yyyy_mm_dd.log

# Path to plugins repository
#plugins:
#  path: ${gravitee.home}/plugins
# If a plugin is already installed (but with a different version), management node does not start anymore
#  failOnDuplicate: true

# Management repository is used to store global configuration such as domains, clients, ...
# This is the default configuration using MongoDB (single server)
# For more information about MongoDB configuration, please have a look to:
# - http://api.mongodb.org/java/current/com/mongodb/MongoClientOptions.html
management:
  type: mongodb
  mongodb:
    dbname: ${ds.mongodb.dbname}
    host: ${ds.mongodb.host}
    port: ${ds.mongodb.port}
#    username:
#    password:
#    authSource:
#    connectionsPerHost: 0
#    connectTimeout: 500
#    maxWaitTime: 120000
#    socketTimeout: 500
#    socketKeepAlive: false
#    maxConnectionLifeTime: 0
#    maxConnectionIdleTime: 0
#    serverSelectionTimeout: 0
#    description: gravitee.io
#    heartbeatFrequency: 10000
#    minHeartbeatFrequency: 500
#    heartbeatConnectTimeout: 1000
#    heartbeatSocketTimeout: 20000
#    localThreshold: 15
#    minConnectionsPerHost: 0
#    sslEnabled: false
#    threadsAllowedToBlockForConnectionMultiplier: 5
#    cursorFinalizerEnabled: true

# OAuth2 repository is used to store OAuth2 tokens: access_token, refresh_token
oauth2:
  type: mongodb
  mongodb:
    dbname: ${ds.mongodb.dbname}
    host: ${ds.mongodb.host}
    port: ${ds.mongodb.port}

# Gateway AM service configurations. Provided values are default values.
# All services are enabled by default. To stop one of them, you have to add the property 'enabled: false' (See the
# 'local' service for an example).
services:
  # Local registry service.
  # This registry is used to load domain definitions with json format from the file system.
  local:
    enabled: false
    path: ${gravitee.home}/domains # The path to domain descriptors

# OAuth2 authentication
authentication:
  # Authorization credentials to access secure validation endpoint
  oauth2:
    url: http://localhost:8092/admin/oauth/check_token
    clientId: admin
    clientSecret: admin-secret

# Referenced properties
ds:
  mongodb:
    dbname: gravitee-am
    host: ${GRAVITEEIO_MONGODB_HOST:localhost}
    port: ${GRAVITEEIO_MONGODB_PORT:27017}
brasseld commented 6 years ago

If you are redirected to the url http://localhost:4200/oauth/callback#access_token=7c19c6ef-1914-48e8-b9e5-1d8366939373&token_type=bearer&expires_in=6719&id_token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJhZG1pbiIsImF1ZCI6ImFkbWluIiwiaXN with a token, it means that you are correctly logged.

Can you see the admin UI or not ? Perhaps a javascript error in your browser (which one? version ? )

NicolasGeraud commented 6 years ago

hi @AhmedFaraz09,

may we close this issue ?

AhmedFaraz09 commented 6 years ago

The issue was that I had opened the server on a different port and mentioned 4200 in the Constants.json