401 Unauthorized Error to orion access.

[kikuzo]

Checklist Put an x in the boxes that apply

• [x] I have run the latest release.
• [x] I have inspeced the status of docker containers.
• [x] I have run the sanity check described in after-installation.md.
• [x] I have inspected all error messages.
• [x] I have inspected the log files in the /var/log/fiware directory.
• [x] I have run the make collect command.

Describe the bug A clear and concise description of what the bug is. You need to show why you think this issue is a bug.

I made clean installation, but ngsi version --host orion.xxxx.org return 401 unauthorized error. I can not find any trouble in configuration...

Your system environment Run make collect in a directory where you ran the lets-fiware.sh script and paste the results here.

ubuntu@localhost:~/FIWARE-Big-Bang-0.18.0$ make collect
./config/script/collect.sh

Date: Wed Dec 21 21:04:18 JST 2022
Version: 0.18.0
Hash: 93cdc01a21641c0f8a1533c58b5000616ce402a0c43ab1ed49145104bdc8e11a  lets-fiware.sh
App list: KEYROCK ORION CYGNUS
Install: completed
Docker containers:
make[1]: Entering directory '/home/ubuntu/FIWARE-Big-Bang-0.18.0'
sudo /usr/local/bin/docker-compose ps
              Name                             Command                   State                        Ports
----------------------------------------------------------------------------------------------------------------------------
fiware-big-bang-0180_cygnus_1       /cygnus-entrypoint.sh            Restarting
fiware-big-bang-0180_keyrock_1      docker-entrypoint.sh npm start   Up (healthy)     3000/tcp
fiware-big-bang-0180_mongo_1        docker-entrypoint.sh --noj ...   Up               27017/tcp
fiware-big-bang-0180_mysql_1        docker-entrypoint.sh mysqld      Up               3306/tcp, 33060/tcp
fiware-big-bang-0180_nginx_1        /docker-entrypoint.sh ngin ...   Up               0.0.0.0:443->443/tcp,:::443->443/tcp,
                                                                                      0.0.0.0:80->80/tcp,:::80->80/tcp
fiware-big-bang-0180_orion_1        sh -c rm /tmp/contextBroke ...   Up (healthy)     1026/tcp
fiware-big-bang-0180_tokenproxy_1   docker-entrypoint.sh             Up               1029/tcp
fiware-big-bang-0180_wilma_1        docker-entrypoint.sh npm start   Up (unhealthy)   1027/tcp
make[1]: Leaving directory '/home/ubuntu/FIWARE-Big-Bang-0.18.0'
Keyrock:
{"keyrock":{"version":"8.1.0","release_date":"2021-07-22","uptime":"00:06:18.2","git_hash":"https://github.com/ging/fiware-idm/releases/tag/8.1.0","doc":"https://fiware-idm.readthedocs.io/en/8.1.0/","api":{"version":"v1","link":"https://keyrock.fiware-test.org/v1"}}}

ubuntu@localhost:~/FIWARE-Big-Bang-0.18.0$

To Reproduce Steps to reproduce the behavior:

1. create clean Ubuntu(22.04) VM in Sakura cloud,
2. register keyrock, orion, cygnus A record entry in DNS service, (and confirm ping is ok.),
3. download fiware-bb. package to vm,
4. configure config.sh, modify only CYGNUS entry,

   ubuntu@localhost:~/FIWARE-Big-Bang-0.18.0$ diff config.sh config.sh.ORG
   90c90
   < CYGNUS=cygnus
   ---
   > CYGNUS=
   93c93
   < CYGNUS_MONGO=true
   ---
   > CYGNUS_MONGO=

5. start fiware-bb script, $ ./lets-fiware.sh xxxx.organd finish with no error.
6. use ngsi command

   $ ubuntu@localhost:~/FIWARE-Big-Bang-0.18.0$ ngsi version --host orion.xxxx.org
   cbVersion002 error 401 Unauthorized <html>
   <head><title>401 Authorization Required</title></head>
   <body>
   <center><h1>401 Authorization Required</h1></center>
   <hr><center>nginx</center>
   </body>
   </html>
   ubuntu@localhost:~/FIWARE-Big-Bang-0.18.0$

Expected behavior A clear and concise description of what you expected to happen.

get version info with no 401 error.

Screenshots If applicable, add screenshots to help explain your problem.

Server (please complete the following information):

• OS and OS version: Ubuntu 22.04.1 LTS
• Docker version: Docker version 20.10.22, build 3a2c30b
• Docker-compose version: docker-compose version 1.29.2, build 5becea4c

Additional context Add any other context about the problem here.

/var/log/fiware/pep-proxy.log looks like strange.

Dec 21 21:16:38 localhost [pep-proxy][700]: #033[0mGET /iot/about #033[33m401#033[0m 0.455 ms - 141#033[0m
Dec 21 21:17:08 localhost [pep-proxy][700]: #033[0mGET /iot/about #033[33m401#033[0m 0.462 ms - 141#033[0m
Dec 21 21:17:39 localhost [pep-proxy][700]: #033[0mGET /iot/about #033[33m401#033[0m 0.458 ms - 141#033[0m
Dec 21 21:18:09 localhost [pep-proxy][700]: #033[0mGET /iot/about #033[33m401#033[0m 0.454 ms - 141#033[0m
Dec 21 21:18:39 localhost [pep-proxy][700]: #033[0mGET /iot/about #033[33m401#033[0m 0.512 ms - 141#033[0m
Dec 21 21:19:10 localhost [pep-proxy][700]: #033[0mGET /iot/about #033[33m401#033[0m 0.448 ms - 141#033[0m
Dec 21 21:19:40 localhost [pep-proxy][700]: #033[0mGET /iot/about #033[33m401#033[0m 0.485 ms - 141#033[0m
Dec 21 21:19:58 localhost [pep-proxy][700]: #033[0mGET /version #033[33m401#033[0m 180.307 ms - 120#033[0m

[fisuda]

Thank you for your report.

I'm investigating this issue. I would suggest a workaround. The docker image fiware/pep-proxy:8.1.0 was updated 2 months ago. But it seems to have some problem.

• fiware/pep-proxy:8.1.0

As a workaround, could you try the following docker images?

• letsfiware/idm:8.1.0
• letsfiware/pep-proxy:8.1.0

Please replace fiware with letsfiware at the following lines in config.sh.

https://github.com/lets-fiware/FIWARE-Big-Bang/blob/84cf8ee755ab4d43b00421686791a7b92b83124b/config.sh#L30 https://github.com/lets-fiware/FIWARE-Big-Bang/blob/84cf8ee755ab4d43b00421686791a7b92b83124b/config.sh#L39

Thanks.

[kikuzo]

Thank you for your quick support.

It works fine!! By your workaround configuration.

[fisuda]

The workaround have been merged in FIWARE Big Bang v0.19.0. The FIWARE Keyrock and PEP proxy 8.3 will be supported in a future release.

Thanks.