We are using louketo-proxy as auth proxy between DEX and kubernetes dashboard.
Everything is working fine expect exec to pods from Kubernetes dashboard (via web socket).
When we open exec window in the dashboard we get a 404 error,
If we are going in kubernetes dashboard directly (with its default auth) this functionality works.
Environment
Version of everything that it's running in your environment:
Server: DEX
Louketo: keycloak-gatekeeper:10.0.0
Expected Results
The the connection through web socket works fine.
Actual Results
Logs in gatekeeper container:
1.597662803019813e+09 info client request {"latency": 0.576744601, "status": 500, "bytes": 17, "client_ip": "172.20.110.179:59380", "method": "POST", "path": "/api/sockjs/874/ejqrs3ob/xhr_streaming"}
1.5976628031897597e+09 info client request {"latency": 0.162154246, "status": 500, "bytes": 17, "client_ip": "172.20.86.86:46394", "method": "GET", "path": "/api/sockjs/874/aearzhw0/eventsource"}
1.5976628032091296e+09 info client request {"latency": 0.005461419, "status": 200, "bytes": 496, "client_ip": "172.20.127.189:59228", "method": "GET", "path": "/api/sockjs/iframe.html"}
1.5976628032336612e+09 error no session found in request, redirecting for authorization {"error": "authentication session not found"}
Logs in kubernetes dashboard container:
2020/08/17 11:13:21 [2020-08-17T11:13:21Z] Incoming HTTP/1.1 GET /api/v1/pod/nginx-ingress/nginx-ingress-controller-jxlmx/shell/nginx-ingress-controller request from 172.20.110.179:47412:
2020/08/17 11:13:23 handleTerminalSession: can't Recv: sockjs: session not in open state
E0817 11:13:29.573589 1 v2.go:105] sockjs: session not in open state
2020/08/17 11:13:31 sockjs: session not in open state
Logs in browser terminal:
scripts.391d299173602e261418.js:1 WebSocket connection to 'wss://k8s-dashboard-int-sigma.mobbtech.com/api/sockjs/834/vjzhzfbi/websocket?d427352d241c6b5160618fa894f71da6' failed: Error during WebSocket handshake: Unexpected response code: 400
Steps to reproduce
Setup kubernetes dashboard and keycloak-gatekeeper as its auth proxy.
Title
Auth headers not transmitted through web socket
Summary
We are using louketo-proxy as auth proxy between DEX and kubernetes dashboard. Everything is working fine expect exec to pods from Kubernetes dashboard (via web socket). When we open exec window in the dashboard we get a 404 error, If we are going in kubernetes dashboard directly (with its default auth) this functionality works.
Environment
Version of everything that it's running in your environment:
Expected Results
The the connection through web socket works fine.
Actual Results
Logs in gatekeeper container:
Logs in kubernetes dashboard container:
Logs in browser terminal:
Steps to reproduce
Setup kubernetes dashboard and keycloak-gatekeeper as its auth proxy.