Authentication in lab fails with jhub-remote-user-authenticator

[dennisverspuij]

Hello,

I have a working setup of JupyterHub v0.9.4 with classic Jupyter notebook v5.7.0 through Apache 2.4 reverse proxy, with HTTP basic authentication passed through for automatic authentication by jhub_remote_user_authenticator.remote_user_auth.RemoteUserAuthenticator (from jhub-remote-user-authenticator v0.1.0).

I now added jupyterlab v0.35.4 (and this hub-extension) and switched the spawner command to jupyter-labhub, Initial authentication and spawning and redirection to /user/xxxx/lab succeeds and loads, but as of loading /user/xxxx/api/... stuff the basic auth prompt comes up again but fails me logging in. When I manually browse to /user/xxxx/tree and log in (basic auth prompt again) the classic environment works correctly as before.

When I disable http basic auth and switch to using dummyauthenticator.DummyAuthenticator (from jupyterhub-dummyauthenticator v0.3.1) the lab works fine. So it does not seem a problem with my installation, it seems more a problem of authentication passing from hub to the lab and maintaining the authentication.

Any ideas on this? Let me know if you need more info. Thanks!

[dennisverspuij]

When I use spawner jupyterhub-singleuser and visit /user/xxxx/lab after visiting /user/xxxx/tree the lab works fine (except for hub extensions not available). I inspected the invocations, both done with similar environment and arguments, except for the command of course.

[dennisverspuij]

I tracked down that when using the jupyter-labhub spawner command somewhere in the process the Authorization: Basic XXX header my browser sends gets replaced by an Authorization: token XXXX. This doesn't happen when using the single-user spawner, even when I eventually visit the lab url.