Can't login from a remote computer

[mpelley]

I have Quack running in an Ubuntu 20.04 VM hosted by a Windows 10 computer using VirtualBox. I can access Quack just fine from the VM and from the host. However, when I try to connect to Quack from another computer, I get the Quack login page, but when I try to log in using the "root" user credentials, it just goes back to the login page. From the browser network log, it seems that when it tries to fetch the "project", it gets a 401 "Unauthorized" error which takes it back to the login page. I attached the .HAR file of the interactions.

I hope you can fix this! I really like the model Quack uses and hope we can get this running.

LoginFailure.txt @bobbeck55

[azee]

@mpelley, @bobbeck55 Please double check that you have a domain correctly set up in your property files https://github.com/greatbit/quack/blob/master/api/src/main/resources/quack.properties#L17

It should match what you are using for a remote access. I assume you have default "localhost" set up there. Thats why you can access it locally using http://localhos. It has to represent a domain (either a VM name or a DNS name) you are using to access it remotely.

Alternatively you can use our QuAck cloud - http://cloud.testquack.com/ - it is free for up to 3 concurrent sessions per organization

[mpelley]

I changed line 17 from: auth.domain=quack.com to: auth.domain=UbuntuVM which is the name of the VM. It still does not work. I cannot log in from a different computer on the local network. I can ping UbuntuVM from the VM so I know that the name is correct.

[azee]

@mpelley What URL exactly are you using in the browser to access QuAck remotely? Try doing the following.

1. Open google developer tools in Chrome (or dev tools in any other browser)
2. Choose "Network" tab. Click "persist/record" if needed (e.g, in case of Safari browser)
3. Select "Fetch/XHR" filter
4. Open QUAck remotely in the browser
5. Notice 401 response form "/session" endpoint
6. Click on it and see what is displayed as authority request header. Most likely that is the value you need to have set up in your config file

[mpelley]

I am using 192.168.1.72:8080 with Firefox to reach the computer running Quack. I get the same results with Chrome. I was not getting a 401 on the "/session" endpoint, but on the following "/project" endpoint I changed the config file to use "auth.domain=192.168.1.72" and restarted Quack. Now I get the 401 on the "/session" endpoint. I don't see an "authority request header". See the screenshot:

[azee]

As you are not running on port 80, it has to be included into the domain. Try setting auth.domain=192.168.1.72:8080 and bounce the app.

[mpelley]

I think what is going on is that no matter what I set the "auth.domain" to in the quack.properties, the "domain" in the set-cookie is "localhost", which doesn't work if the browser is using anything but localhost. Where does QuAck get the value that it is using for setting the cookie? From the browser network trace for the POST with the username/password: { "name": "Set-Cookie", "value": "whoruSessionId=22e18d41-c4b1-4464-973a-ee4f2b5dde73; Path=/; Domain=localhost; Expires=Tue, 25-Apr-2023 02:33:27 GMT; Max-Age=6000000" }

[bobbeck55]

I'm seeing the same thing in chrome devtools. My quack properties file is set to port 80.

[bobbeck55]

In addition, sometimes I see a "502 bad gateway" error message displayed on the browser briefly but it goes away quickly.

[bobbeck55]

Please see issue 237 - exception in monitor thread. Let me know if you need more details to reproduce.

Thanks, Bob

On Tue, Feb 14, 2023 at 11:03 AM Mike Pelley @.***> wrote:

I think what is going on is that no matter what I set the "auth.domain" to in the quack.properties, the "domain" in the set-cookie is "localhost", which doesn't work if the browser is using anything but localhost. Where does QuAck get the value that it is using for setting the cookie? From the browser network trace for the POST with the username/password: { "name": "Set-Cookie", "value": "whoruSessionId=22e18d41-c4b1-4464-973a-ee4f2b5dde73; Path=/; Domain=localhost; Expires=Tue, 25-Apr-2023 02:33:27 GMT; Max-Age=6000000" }

— Reply to this email directly, view it on GitHub https://github.com/greatbit/quack/issues/233#issuecomment-1429988215, or unsubscribe https://github.com/notifications/unsubscribe-auth/AZWTTVVA5VNTWHJAHC4ZQGDWXOUGFANCNFSM6AAAAAAU2VMINU . You are receiving this because you were mentioned.Message ID: @.***>