jhipster / jhipster-control-center

Manage your JHipster applications from a single place
https://jhipster.tech
Apache License 2.0

Getting logged out of JHipster Control Center when refreshing the page #180

Open pgrabowski1 opened 2 years ago

pgrabowski1 commented 2 years ago
Overview of the issue

I'm using JHipster Control Center. I can log in successfully and switch between tabs, i.e. Metrics, Caches. When I try to refresh the page (F5 key), I get logged out and I'm redirected to http://localhost:7419/forbidden.

In the browser developer tools there is an HTTP GET request for http://localhost:7419/api/account which returns HTTP 401.

Motivation for or Use Case
Reproduce the error
  1. Generate a gateway microservice.
  2. Download JHipster Registry and JHipster Control Center from GitHub.
  3. In JHipster Control Center, Registry, and gateway, modify the YAML config to run with a local Keycloak instance.
  4. In JHipster Control Center add to pom.xml:
    <dependency>
        <groupId>com.nimbusds</groupId>
        <artifactId>oauth2-oidc-sdk</artifactId>
        <version>9.9</version>
        <exclusions>
            <exclusion>
                <groupId>com.nimbusds</groupId>
                <artifactId>nimbus-jose-jwt</artifactId>
            </exclusion>
        </exclusions>
    </dependency>
  5. Run JHipster Registry, Control Center and gateway. In JHipster Control Center, log in, go to any tab and refresh the page.
JHipster Version(s)

JHipster Registry: 7.1.0, JHipster Control Center 0.5.0, gateway - JHipster dependencies 7.3.0

gateway configuration
`.yo-rc.json` file for gateway

{
  "generator-jhipster": {
    "applicationType": "gateway",
    "baseName": "maasGateway",
    "jhipsterVersion": "7.3.0",
    "skipClient": true,
    "skipServer": false,
    "skipUserManagement": true,
    "skipCheckLengthOfIdentifier": false,
    "skipFakeData": false,
    "jhiPrefix": "jhi",
    "entitySuffix": "",
    "dtoSuffix": "DTO",
    "testFrameworks": ["protractor", "gatling", "cucumber"],
    "blueprints": [],
    "otherModules": [],
    "pages": [],
    "creationTimestamp": 1649997751275,
    "serviceDiscoveryType": "eureka",
    "reactive": true,
    "authenticationType": "oauth2",
    "packageName": "com.bosch.maas",
    "serverPort": "8080",
    "cacheProvider": "no",
    "enableHibernateCache": false,
    "databaseType": "no",
    "devDatabaseType": "no",
    "prodDatabaseType": "no",
    "buildTool": "maven",
    "serverSideOptions": [],
    "websocket": false,
    "searchEngine": false,
    "messageBroker": false,
    "enableSwaggerCodegen": false,
    "clientFramework": "no",
    "enableTranslation": true,
    "nativeLanguage": "en",
    "devServerPort": 9060,
    "clientPackageManager": "npm",
    "clientTheme": "none",
    "clientThemeVariant": "",
    "withAdminUi": true,
    "languages": ["en", "de"],
    "enableGradleEnterprise": false
  }
}

JHipster Registry configuration
.yo-rc.json file for JHipster Registry

{
  "generator-jhipster": {
    "jhipsterVersion": "7.2.0",
    "baseName": "JHipsterRegistry",
    "dasherizedBaseName": "jhipster-registry",
    "humanizedBaseName": "JHipster Registry",
    "projectDescription": "JHipster service registry, made with Netflix Eureka and Spring Cloud Config",
    "packageName": "tech.jhipster.registry",
    "packageFolder": "tech/jhipster/registry",
    "serverPort": "8761",
    "authenticationType": "jwt",
    "hibernateCache": "no",
    "clusteredHttpSession": false,
    "websocket": false,
    "databaseType": "no",
    "devDatabaseType": "no",
    "prodDatabaseType": "no",
    "searchEngine": false,
    "messageBroker": false,
    "serviceDiscoveryType": "eureka",
    "buildTool": "maven",
    "enableSocialSignIn": false,
    "useSass": true,
    "enableTranslation": false,
    "applicationType": "monolith",
    "testFrameworks": [],
    "jhiPrefix": "jhi",
    "skipClient": false,
    "skipUserManagement": true,
    "clientPackageManager": "npm",
    "clientFramework": "angularX",
    "cacheProvider": "no",
    "enableHibernateCache": false,
    "embeddableLaunchScript": false,
    "clientTheme": "none",
    "entitySuffix": "",
    "dtoSuffix": "DTO",
    "otherModules": [],
    "blueprints": [],
    "creationTimestamp": 1576848019661,
    "gcpProjectId": "jhipsterproject",
    "gcpCloudSqlInstanceName": "jhipsterproject:us-central1:jhipster",
    "gcpCloudSqlUserName": "root",
    "gcpCloudSqlDatabaseName": "jhipsterregistry",
    "gaeServiceName": "jhipster-registry",
    "gaeLocation": "us-central",
    "gaeInstanceClass": "F2",
    "gaeScalingType": "automatic",
    "gaeMinInstances": "1",
    "gaeMaxInstances": "2",
    "gaeCloudSQLInstanceNeeded": "Y",
    "skipServer": false,
    "skipCheckLengthOfIdentifier": false,
    "skipFakeData": false,
    "pages": [],
    "clientThemeVariant": "",
    "withAdminUi": false,
    "nativeLanguage": "en",
    "languages": ["en", "fr"],
    "reactive": false,
    "devServerPort": 4200,
    "enableGradleEnterprise": false,
    "entities": []
  }
}

JHipster Control Center configuration
.yo-rc.json file for JHipster Control Center

{
  "generator-jhipster": {
    "blueprints": [],
    "otherModules": [],
    "applicationType": "monolith",
    "baseName": "jhipsterControlCenter",
    "jhipsterVersion": "7.0.0-beta.1",
    "skipClient": false,
    "skipServer": false,
    "skipUserManagement": true,
    "skipCheckLengthOfIdentifier": false,
    "skipFakeData": false,
    "jhiPrefix": "jhi",
    "entitySuffix": "",
    "dtoSuffix": "DTO",
    "testFrameworks": ["cypress"],
    "pages": [],
    "creationTimestamp": 1581262319851,
    "serviceDiscoveryType": false,
    "authenticationType": "jwt",
    "packageName": "tech.jhipster.controlcenter",
    "serverPort": "7419",
    "cacheProvider": "no",
    "enableHibernateCache": false,
    "databaseType": "no",
    "buildTool": "maven",
    "serverSideOptions": [],
    "websocket": false,
    "searchEngine": false,
    "messageBroker": false,
    "enableSwaggerCodegen": false,
    "clientFramework": "vue",
    "withAdminUi": true,
    "clientTheme": "spacelab",
    "enableTranslation": false,
    "nativeLanguage": "en",
    "languages": ["en"],
    "packageFolder": "tech/jhipster/controlcenter",
    "devDatabaseType": "no",
    "prodDatabaseType": "no",
    "clientPackageManager": "npm",
    "clientThemeVariant": "dark",
    "reactive": true,
    "prettierJava": true
  }
}

JDL for the Entity configuration(s) entityName.json files generated in the .jhipster directory

none

Environment and Tools

openjdk version "11.0.11" 2021-04-20 OpenJDK Runtime Environment 18.9 (build 11.0.11+9) OpenJDK 64-Bit Server VM 18.9 (build 11.0.11+9, mixed mode)

git version 2.25.1

node: v14.17.6

npm: 6.14.15

Docker version 20.10.17, build 100c701

docker-compose version 1.29.2, build 5becea4c

Entity configuration(s) entityName.json files generated in the .jhipster directory

I'm not using additional entities from JDL files.

Browsers and Operating System

OS: Ubuntu 20.04.3 LTS

browser: Firefox

pgrabowski1 commented 2 years ago

The logout can also be replicated when performing these steps:

  1. Log in to JHipster Control Center and go to Instances tab.
  2. Then go to API tab. At this moment the HTTP 401 appears in developer tools. It's returned by this request: GET http://localhost:7419/gateway/user/user-1/v3/api-docs.

user is the name of an example microservice; user-1 is an instance of the mentioned microservice.

After reloading the API tab with the F5 key I'm transferred to the http://localhost:7419/forbidden page. If I go to other tabs, then HTTP 401 is returned by GET http://localhost:7419/management/gateway/routes and pressing the F5 key also redirects me to the logout page.

mkraszew commented 2 years ago

It looks like on the Instances page there is some action which causes logout.

mkraszew commented 1 year ago

The issue is related to the reactive application, which invalidates the SESSION cookie - we have a separate gateway which is reactive. To fix the issue we disabled the request cache in Spring Security - https://github.com/spring-projects/spring-security/issues/6552

Maybe it's worth having such a fix for reactive applications generated by JHipster.
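
One way to disable the request cache in a reactive (WebFlux) Spring Security configuration, as the last comment describes. This is an added example, not code from the thread, from JHipster Control Center or from the commenter's gateway; the package, class name, authorization rules and the use of `oauth2Login` are assumptions.

```java
package example.security; // hypothetical package

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.web.server.SecurityWebFilterChain;
import org.springframework.security.web.server.savedrequest.NoOpServerRequestCache;

@Configuration
@EnableWebFluxSecurity
public class RequestCacheDisabledSecurityConfiguration { // hypothetical class name

    @Bean
    public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
        http
            // By default WebFlux security uses WebSessionServerRequestCache, which
            // stores the originally requested URI in the WebSession. Replacing it
            // with the no-op cache means this filter chain never saves a request
            // in, or reads one from, the session.
            .requestCache(cache -> cache.requestCache(NoOpServerRequestCache.getInstance()))
            // Assumed rules for illustration: everything requires an authenticated user.
            .authorizeExchange(exchanges -> exchanges
                .anyExchange().authenticated())
            // Assumed login mechanism (the gateway in this issue uses OAuth2 with
            // Keycloak); requires spring-security-oauth2-client on the classpath.
            .oauth2Login(Customizer.withDefaults());
        return http.build();
    }
}
```

With the no-op cache there is no saved URL to return to after login, so users land on the default post-login location instead of the page they originally requested.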