search

mkuchin / docker-registry-web

Web UI for private docker registry v2
https://hub.docker.com/r/hyper/docker-registry-web/
GNU General Public License v2.0
534 stars 135 forks source link

Error in Web UI with basic authentication #97

Open JoSell95 opened 6 years ago

JoSell95 commented 6 years ago

Hello,

when I try to use basic authentication in web ui the following error comes up:

status=401 UNAUTHORIZED {"errors":[{"code":"UNAUTHORIZED","message":"authentication required","detail":[{"Type":"registry","Class":"","Name":"catalog","Action":"*"}]}]}

I tried these command, described in the documentation:

docker run -it -p 8080:8080 --name registry-web --link registry-srv \ -e REGISTRY_URL=https://registry-srv:5000/v2 \ -e REGISTRY_TRUST_ANY_SSL=true \ -e REGISTRY_BASIC_AUTH="YWRtaW46Y2hhbmdlbWU=" \ -e REGISTRY_NAME=localhost:5000 hyper/docker-registry-web

What have I to put behind REGISTRY_BASIC_AUTH? Is it the password or the hash or somethin else?

Thanks in advance,

Jonas

lhenry7 commented 5 years ago

What is the answer here? I assume some hash based on the htpasswd file I created? what is the best way to get/generate what is needed for docker-registry-web?

mkuchin commented 5 years ago

YWRtaW46Y2hhbmdlbWU= is base64 encoded string of user:password, in this example it is admin:changeme

lhenry7 commented 5 years ago

Ok, I'm using the base64 encode value for my usr:pw, but I wonder if this is right for the bcrypt encryption that registry:2 now requires?

my docker-registry-web log just adds this line when I try and connect: WARN web.RepositoryController - URI: '_catalog?n=100' responseCode: 401

My registry:2 log has this: time="2019-01-11T18:04:06.835682765Z" level=debug msg="authorizing request" go.version=go1.7.6 http.request.host=dsg-registry http.request.id=259b87ef-65fd-4ceb-99c8-174783e7cc2a http.request.method=GET http.request.remoteaddr="172.19.0.3:60954" http.request.uri="/v2/_catalog?n=100" http.request.useragent="Java/1.7.0_111" instance.id=a3324e00-bbc3-44dd-918f-baa942a5eccd version=v2.6.2-14-ga66a4c3 time="2019-01-11T18:04:06.836558561Z" level=warning msg="error authorizing context: basic authentication challenge for realm \"Registry Realm\": invalid authorization credential" go.version=go1.7.6 http.request.host=dsg-registry http.request.id=259b87ef-65fd-4ceb-99c8-174783e7cc2a http.request.method=GET http.request.remoteaddr="172.19.0.3:60954" http.request.uri="/v2/_catalog?n=100" http.request.useragent="Java/1.7.0_111" instance.id=a3324e00-bbc3-44dd-918f-baa942a5eccd version=v2.6.2-14-ga66a4c3

And yes, my docker login straight to the repository:2 container works. Here is my docker-registry-web ENV vars: -e REGISTRY_READONLY=false \ -e REGISTRY_TRUST_ANY_SSL=true \ -e REGISTRY_URL=https://dsg-registry/v2 \ -e REGISTRY_NAME=dsg.infra \ -e REGISTRY_AUTH_ENABLED=true \ -e REGISTRY_AUTH_KEY=/conf/auth.key \ -e REGISTRY_BASIC_AUTH=Z2V3ZWI6RGlnaXRhbDE0Ng==

Here is my registry config.yml: version: 0.1

storage: filesystem: rootdirectory: /registry delete: enabled: true

http: addr: 0.0.0.0:443 tls: certificate: /certs/my-registry.crt key: /certs/my-registry.key

auth: htpasswd: realm: Registry Realm path: /auth/registry-htpasswd

log: level: debug

lhenry7 commented 5 years ago

Wanted to leave an update, I did finally get this working without Basic Auth but with a nginx proxy for the UI frontend.

lylevip commented 5 years ago

I am also troubled by this problem.

MeiNagano commented 2 years ago

so it cant work with htpasswd?