search

openremote / openremote

100% open-source IoT Platform - Integrate your devices, create rules, and analyse and visualise your data
https://openremote.io
Other
1.25k stars 299 forks source link

Status Code: 403 Forbidden Error: Origin not allowed #687

Closed VijaySharma815 closed 2 years ago

VijaySharma815 commented 2 years ago

Everything working fine on local but when I am deploying the open remote on VM facing some issues:

I am able to see the login page. After entering username [admin] password [secret] some APIs getting failed.

Request URL: https://31.221.220.169/api/master/console/register Request Method: POST Status Code: 403 Forbidden

Error: Origin not allowed

I am pasting my docker-compose.yml file code here for reference.

# OpenRemote v3
#
# Profile that runs the stack by default on https://localhost using a self-signed SSL certificate,
# but optionally on https://$OR_HOSTNAME with an auto generated SSL certificate from Letsencrypt.
#
# It is configured to use the AWS logging driver.
#
version: '2.4'

services:

  proxy:
    image: openremote/proxy:${PROXY_VERSION:-latest}
    restart: always
    depends_on:
      manager:
        condition: service_healthy
    ports:
      - "80:80"
      - "${OR_SSL_PORT:-443}:443"
      - "8883:8883"

  postgresql:
    restart: always
    image: openremote/postgresql:${POSTGRESQL_VERSION:-latest}

  keycloak:
    restart: always
    image: openremote/keycloak:${KEYCLOAK_VERSION:-latest}
    depends_on:
      postgresql:
        condition: service_healthy
    environment:
      KEYCLOAK_PASSWORD: ${OR_ADMIN_PASSWORD:-secret}
      KEYCLOAK_FRONTEND_URL: https://${OR_HOSTNAME:-localhost}/auth
      # Use the following if OR_SSL_PORT is not the default 443
      # KEYCLOAK_FRONTEND_URL: https://${OR_HOSTNAME:-localhost}:${OR_SSL_PORT:-443}/auth

  manager:
#    privileged: true
    restart: always
    image: openremote/manager:${MANAGER_VERSION:-latest}
    depends_on:
      keycloak:
        condition: service_healthy
    environment:
      OR_DEV_MODE: ${OR_DEV_MODE:-false}
    volumes:
      - ./deployment:/deployment
#      - /var/run/dbus:/var/run/dbus
#      - btmesh-data:/btmesh
#   devices:
#     - /dev/ttyACM0:/dev/ttyS0

apart from this, seeing some web socket error in browser console:

WebSocket connection to 'wss://31.221.220.169/websocket/events?Realm=master&Authorization=Bearer%20eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJ6ajNwOTlySEFUc3RyYXNud2r0PpZRlhzTb0KjKrVagLpmuNqg1EMhTeqvN1EsfmvcsRhpqa46Dbzr3p5soB1Y38ZAY1LmFerlNDlrK_6WoYL_u22lt3XL9Gys-EVk1Ut2-YIlQBz_BDI3-TRt9dGci_CR2faf3_XIasPE8rBrm-7zCsWV8vBQoQkKjSoLjV1uEW7A8sUP8SThOz-ZabQcFh-K22SAMx82jiF30_iFQ2HFxa7_Rs34lelAKug' failed:

richturner commented 2 years ago

You can adjust the OR_HOSTNAME environment variable as shown in our default docker-compose profile:

https://github.com/openremote/openremote/blob/master/docker-compose.yml#L75

Note multiple origins can be configured using the OR_ADDITIONAL_HOSTNAMES variable.

For the proxy container the DOMAINNAMES variable can be used for multiple domains; certificates will be requested for supported FQDN but by default the proxy container will fallback to a self signed certificate, alternatively a custom certificate can be volume mapped as described in:

https://github.com/openremote/openremote/blob/master/profile/deploy.yml#L32

PhilippePinheiroLIST commented 2 years ago

on your case you should set OR_HOSTNAME to 31.221.220.169