search

thelastpickle / cassandra-reaper

Automated Repair Awesomeness for Apache Cassandra
http://cassandra-reaper.io/
Apache License 2.0
490 stars 218 forks source link

I cannot login to the UI #1438

Closed georgiosmakrhs closed 1 year ago

georgiosmakrhs commented 1 year ago

Project board link

Hi,

I have deployed the reaper using docker-compose, but when I have enabled the authentication I cannot access the index page. If I write wrong password, then I'm getting correctly the message: Invalid credentials combination for user: admin

Here is what I get from the redirection to index:

Request Method: GET
Status Code: 302 Found
Remote Address: <the-IP-address>:8080
Referrer Policy: strict-origin-when-cross-origin
Content-Length: 0
Date: Wed, 15 Nov 2023 13:14:00 GMT
Location: http://<the-IP-address>:8080/webui/login.html
Set-Cookie: JSESSIONID=e257649a-4bd8-41fc-8d0b-3d526b44cae1; Path=/; Secure; HttpOnly; SameSite=none
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cache-Control: no-cache
Connection: keep-alive
Host: <the-IP-address>:8080
Pragma: no-cache
Referer: http://<the-IP-address>:8080/webui/login.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36

Here is my compose file:

version: '2.3'

services:

  reaper:
    image: thelastpickle/cassandra-reaper:latest
    env_file:
      - ./reaper.env
    ports:
      - "8080:8080"
      - "8081:8081"
    volumes:
      - ./data/reaper:/var/log/cassandra-reaper

And here is the reaper.env file:

#!/usr/bin/env bash
# Copyright 2017-2017 Spotify AB
# Copyright 2017-2018 The Last Pickle Ltd
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# use the credentials that match the ./docker/cassandra/jmxremote.* configurations
REAPER_JMX_AUTH_USERNAME=jmxusername
REAPER_JMX_AUTH_PASSWORD=jmxpassword

# define the Dockerized Cassandra node to serve as the Reaper backend
# while using the reaper_db keyspace
REAPER_STORAGE_TYPE=cassandra
REAPER_CASS_CLUSTER_NAME="MyCluster"
REAPER_CASS_CONTACT_POINTS=["<seed1>", "<seed2>"]
REAPER_CASS_KEYSPACE=reaper_db

# Test all available env variables with custom values
REAPER_SEGMENT_COUNT_PER_NODE=9
REAPER_REPAIR_PARALELLISM="SEQUENTIAL"
REAPER_REPAIR_INTENSITY=0.5
REAPER_MAX_PENDING_COMPACTIONS=10
REAPER_SCHEDULE_DAYS_BETWEEN=4
REAPER_REPAIR_RUN_THREADS=32
REAPER_HANGING_REPAIR_TIMEOUT_MINS=90
REAPER_ENABLE_CROSS_ORIGIN=true
REAPER_INCREMENTAL_REPAIR=true
REAPER_BLACKLIST_TWCS=true
REAPER_ENABLE_DYNAMIC_SEED_LIST=false
REAPER_REPAIR_MANAGER_SCHEDULING_INTERVAL_SECONDS=10
REAPER_JMX_CONNECTION_TIMEOUT_IN_SECONDS=60
REAPER_USE_ADDRESS_TRANSLATOR=true
REAPER_DATACENTER_AVAILABILITY=LOCAL
REAPER_AUTO_SCHEDULING_ENABLED=false
REAPER_AUTO_SCHEDULING_INITIAL_DELAY_PERIOD="PT30S"
REAPER_AUTO_SCHEDULING_PERIOD_BETWEEN_POLLS="PT20M"
REAPER_AUTO_SCHEDULING_TIME_BEFORE_FIRST_SCHEDULE="PT10M"
REAPER_AUTO_SCHEDULING_SCHEDULE_SPREAD_PERIOD="PT3H"
REAPER_AUTO_SCHEDULING_ADAPTIVE=true
REAPER_AUTO_SCHEDULING_INCREMENTAL=false
REAPER_AUTO_SCHEDULING_PERCENT_UNREPAIRED_THRESHOLD=10
REAPER_AUTO_SCHEDULING_EXCLUDED_CLUSTERS="[test_cluster]"
REAPER_AUTO_SCHEDULING_EXCLUDED_KEYSPACES="[test_keyspace]"
#REAPER_JMX_PORTS="{127.0.0.3:7300}"
REAPER_LOGGING_ROOT_LEVEL=DEBUG
#REAPER_LOGGING_LOGGERS="{}"
#REAPER_LOGGING_APPENDERS_CONSOLE_LOG_FORMAT='"-- %-6level [%d] [%t] %logger{5} - %msg %n"'
#REAPER_LOGGING_APPENDERS_CONSOLE_THRESHOLD=DEBUG
#REAPER_SERVER_APP_PORT=8082
#REAPER_SERVER_APP_BIND_HOST="0.0.0.0"
#REAPER_SERVER_ADMIN_PORT=8083
#REAPER_SERVER_ADMIN_BIND_HOST="0.0.0.0"
#REAPER_CASS_ACTIVATE_QUERY_LOGGER=true
#REAPER_CASS_PORT=9042
#REAPER_CASS_LOCAL_DC="dc1"
#REAPER_CASS_AUTH_ENABLED="true"
#REAPER_CASS_AUTH_USERNAME="cassandra"
#REAPER_CASS_AUTH_PASSWORD="cassandra"
#REAPER_CASS_NATIVE_PROTOCOL_SSL_ENCRYPTION_ENABLED="false"
#REAPER_METRICS_ENABLED=true
#REAPER_METRICS_FREQUENCY="2 minute"
#REAPER_METRICS_REPORTERS="[]"
REAPER_AUTH_ENABLED="true"
REAPER_AUTH_USER="admin"
REAPER_AUTH_PASSWORD="password"
#REAPER_JMXMP_ENABLED="true"
#REAPER_JMXMP_SSL="true"
#JAVA_OPTS="-Dwhatever=value"
CRYPTO_SYSTEM_PROPERTY_SECRET="CRYPTO_SECRET"
CRYPTO_SECRET="secret"
REAPER_HTTP_MANAGEMENT_ENABLE="false"

I can access the index.html normally when I disable the authentication: REAPER_AUTH_ENABLED="false"

Thanks for your time in advance!

georgiosmakrhs commented 1 year ago

And these are the logs from the service:

$ docker-compose up
Recreating reaper_reaper_1 ... done
Attaching to reaper_reaper_1
reaper_1  | WARN  [2023-11-15 13:30:53,226] com.datastax.driver.core.utils.UUIDs: PID returned through native call was 0, JNR versions incompatible?  Falling back to JMX.
reaper_1  | INFO   [2023-11-15 13:30:55,326] [main] o.e.j.u.log - Logging initialized @2717ms to org.eclipse.jetty.util.log.Slf4jLog
reaper_1  | INFO   [2023-11-15 13:30:55,415] [main] i.d.s.DefaultServerFactory - Registering jersey handler with root path prefix: /
reaper_1  | INFO   [2023-11-15 13:30:55,418] [main] i.d.s.DefaultServerFactory - Registering admin handler with root path prefix: /
reaper_1  | INFO   [2023-11-15 13:30:55,419] [main] i.d.a.AssetsBundle - Registering AssetBundle with name: assets for path /webui/*
reaper_1  | INFO   [2023-11-15 13:30:55,649] [main] o.a.c.b.FluentPropertyBeanIntrospector - Error when creating PropertyDescriptor for public void org.apache.shiro.session.mgt.AbstractNativeSessionManager.setTimeout(org.apache.shiro.session.mgt.SessionKey,long) throws org.apache.shiro.session.InvalidSessionException! Ignoring this property.
reaper_1  | INFO   [2023-11-15 13:30:55,653] [main] o.a.c.b.FluentPropertyBeanIntrospector - Error when creating PropertyDescriptor for public void org.apache.shiro.session.mgt.AbstractNativeSessionManager.setAttribute(org.apache.shiro.session.mgt.SessionKey,java.lang.Object,java.lang.Object) throws org.apache.shiro.session.InvalidSessionException! Ignoring this property.
reaper_1  | INFO   [2023-11-15 13:30:55,685] [main] o.a.s.c.ReflectionBuilder - An instance with name 'authc' already exists.  Redefining this object as a new instance of type org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter
reaper_1  | INFO   [2023-11-15 13:30:55,696] [main] o.a.s.c.ReflectionBuilder - An instance with name 'rest' already exists.  Redefining this object as a new instance of type io.cassandrareaper.resources.auth.RestPermissionsFilter
reaper_1  | INFO   [2023-11-15 13:30:55,750] [main] i.c.ReaperApplication - initializing runner thread pool with 32 threads and 2 repair runners
reaper_1  | INFO   [2023-11-15 13:30:55,751] [main] i.c.ReaperApplication - initializing storage of type: cassandra
reaper_1  | INFO   [2023-11-15 13:30:55,752] [main] i.c.s.InitializeStorage - Initializing the database and performing schema migrations
reaper_1  | INFO   [2023-11-15 13:30:55,766] [main] c.d.d.core - DataStax Java driver 3.11.0 for Apache Cassandra
reaper_1  | INFO   [2023-11-15 13:30:55,774] [main] c.d.d.c.GuavaCompatibility - Detected Guava >= 19 in the classpath, using modern compatibility layer
reaper_1  | INFO   [2023-11-15 13:30:55,987] [main] c.d.d.c.ClockFactory - Using native clock to generate timestamps.
reaper_1  | INFO   [2023-11-15 13:30:56,147] [main] c.d.d.c.NettyUtil - Did not find Netty's native epoll transport in the classpath, defaulting to NIO.
reaper_1  | INFO   [2023-11-15 13:30:56,738] [main] c.d.d.c.p.DCAwareRoundRobinPolicy - Using data-center name 'datacenter1' for DCAwareRoundRobinPolicy (if this is incorrect, please provide the correct datacenter name with DCAwareRoundRobinPolicy constructor)
reaper_1  | INFO   [2023-11-15 13:30:56,740] [main] c.d.d.c.Cluster - New Cassandra host /<seed1>:9042 added
reaper_1  | INFO   [2023-11-15 13:30:56,740] [main] c.d.d.c.Cluster - New Cassandra host /<seed2>:9042 added
reaper_1  | INFO   [2023-11-15 13:30:56,985] [main] o.c.c.m.MigrationRepository - Found 17 migration scripts
reaper_1  | INFO   [2023-11-15 13:30:56,986] [main] i.c.s.c.MigrationManager - Keyspace reaper_db already at schema version 32
reaper_1  | INFO   [2023-11-15 13:30:57,183] [main] i.c.ReaperApplication - no management connection factory given in context, creating default
reaper_1  | INFO   [2023-11-15 13:30:57,184] [main] i.c.ReaperApplication - HTTP management connection config not set, or set disabled. Creating JMX connection factory instead
reaper_1  | INFO   [2023-11-15 13:30:57,246] [main] i.c.m.j.JmxManagementConnectionFactory - Initializing JMX seed list for all clusters...
reaper_1  | INFO   [2023-11-15 13:30:57,266] [main] i.c.m.j.JmxConnectionsInitializer - Initializing JMX seed list for cluster smsccluster...
reaper_1  | INFO   [2023-11-15 13:30:57,281] [pool-2-thread-1] i.c.m.j.JmxConnectionsInitializer - failed to connect to hosts <seed1> through JMX
reaper_1  | java.lang.NullPointerException: null
reaper_1  |     at io.cassandrareaper.management.ClusterFacade.connectImpl(ClusterFacade.java:896)
reaper_1  |     at io.cassandrareaper.management.ClusterFacade.connectToManagementMechanism(ClusterFacade.java:205)
reaper_1  |     at io.cassandrareaper.management.jmx.JmxConnectionsInitializer.lambda$connectToJmx$0(JmxConnectionsInitializer.java:80)
reaper_1  |     at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
reaper_1  |     at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
reaper_1  |     at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
reaper_1  |     at java.base/java.lang.Thread.run(Thread.java:829)
reaper_1  | INFO   [2023-11-15 13:30:57,286] [pool-2-thread-2] i.c.m.j.JmxConnectionsInitializer - failed to connect to hosts <seed2> through JMX
reaper_1  | java.lang.NullPointerException: null
reaper_1  |     at io.cassandrareaper.management.ClusterFacade.connectImpl(ClusterFacade.java:896)
reaper_1  |     at io.cassandrareaper.management.ClusterFacade.connectToManagementMechanism(ClusterFacade.java:205)
reaper_1  |     at io.cassandrareaper.management.jmx.JmxConnectionsInitializer.lambda$connectToJmx$0(JmxConnectionsInitializer.java:80)
reaper_1  |     at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
reaper_1  |     at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
reaper_1  |     at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
reaper_1  |     at java.base/java.lang.Thread.run(Thread.java:829)
reaper_1  | INFO   [2023-11-15 13:30:57,287] [main] i.c.m.j.JmxManagementConnectionFactory - Initialized JMX seed list for all clusters.
reaper_1  | INFO   [2023-11-15 13:30:57,299] [main] i.c.ReaperApplication - creating and registering health checks
reaper_1  | INFO   [2023-11-15 13:30:57,300] [main] i.c.ReaperApplication - creating resources and registering endpoints
reaper_1  | INFO   [2023-11-15 13:30:58,863] [main] i.c.s.SchedulingManager - Starting new SchedulingManager instance
reaper_1  | INFO   [2023-11-15 13:30:58,865] [main] i.c.ReaperApplication - resuming pending repair runs
reaper_1  | INFO   [2023-11-15 13:30:58,897] [main] i.c.ReaperApplication - Initialization complete!
reaper_1  | INFO   [2023-11-15 13:30:58,900] [ReaperApplication-scheduler] i.c.ReaperApplication - Purged 0 repair runs from history
reaper_1  | WARN   [2023-11-15 13:30:58,903] [main] i.c.ReaperApplication - Reaper is ready to get things done!
reaper_1  | INFO   [2023-11-15 13:30:58,904] [main] i.d.s.ServerFactory - Starting cassandra-reaper
reaper_1  | _________                                          .___               __________
reaper_1  | \_   ___ \_____    ______ ___________    ____    __| _/___________    \______   \ ____ _____  ______   ___________
reaper_1  | /    \  \/\__  \  /  ___//  ___/\__  \  /    \  / __ |\_  __ \__  \    |       _// __ \\__  \ \____ \_/ __ \_  __ \
reaper_1  | \     \____/ __ \_\___ \ \___ \  / __ \|   |  \/ /_/ | |  | \// __ \_  |    |   \  ___/ / __ \|  |_> >  ___/|  | \/
reaper_1  |  \______  (____  /____  >____  >(____  /___|  /\____ | |__|  (____  /  |____|_  /\___  >____  /   __/ \___  >__|
reaper_1  |         \/     \/     \/     \/      \/     \/      \/            \/          \/     \/     \/|__|        \/
reaper_1  | INFO   [2023-11-15 13:30:59,151] [main] o.e.j.s.SetUIDListener - Opened application@7f51f588{HTTP/1.1, (http/1.1)}{0.0.0.0:8080}
reaper_1  | INFO   [2023-11-15 13:30:59,153] [main] o.e.j.s.SetUIDListener - Opened admin@120350eb{HTTP/1.1, (http/1.1)}{0.0.0.0:8081}
reaper_1  | INFO   [2023-11-15 13:30:59,156] [main] o.e.j.s.Server - jetty-9.4.49.v20220914; built: 2022-09-14T01:07:36.601Z; git: 4231a3b2e4cb8548a412a789936d640a97b1aa0a; jvm 11.0.20.1+9-LTS
reaper_1  | INFO   [2023-11-15 13:30:59,222] [main] o.e.j.s.session - DefaultSessionIdManager workerName=node0
reaper_1  | INFO   [2023-11-15 13:30:59,223] [main] o.e.j.s.session - No SessionScavenger set, using defaults
reaper_1  | INFO   [2023-11-15 13:30:59,230] [main] o.e.j.s.session - node0 Scavenging every 600000ms
reaper_1  | INFO   [2023-11-15 13:31:00,464] [main] i.d.j.DropwizardResourceConfig - The following paths were found for the configured resources:
reaper_1  |
reaper_1  |     GET     /cluster (io.cassandrareaper.resources.ClusterResource)
reaper_1  |     POST    /cluster (io.cassandrareaper.resources.ClusterResource)
reaper_1  |     POST    /cluster/auth (io.cassandrareaper.resources.ClusterResource)
reaper_1  |     PUT     /cluster/auth/{cluster_name} (io.cassandrareaper.resources.ClusterResource)
reaper_1  |     DELETE  /cluster/{cluster_name} (io.cassandrareaper.resources.ClusterResource)
reaper_1  |     GET     /cluster/{cluster_name} (io.cassandrareaper.resources.ClusterResource)
reaper_1  |     PUT     /cluster/{cluster_name} (io.cassandrareaper.resources.ClusterResource)
reaper_1  |     GET     /cluster/{cluster_name}/tables (io.cassandrareaper.resources.ClusterResource)
reaper_1  |     GET     /crypto/encrypt/{text} (io.cassandrareaper.resources.CryptoResource)
reaper_1  |     GET     /diag_event/sse_listen/{id} (io.cassandrareaper.resources.DiagEventSseResource)
reaper_1  |     GET     /diag_event/subscription (io.cassandrareaper.resources.DiagEventSubscriptionResource)
reaper_1  |     POST    /diag_event/subscription (io.cassandrareaper.resources.DiagEventSubscriptionResource)
reaper_1  |     GET     /diag_event/subscription/adhoc (io.cassandrareaper.resources.DiagEventSubscriptionResource)
reaper_1  |     GET     /diag_event/subscription/pollers (io.cassandrareaper.resources.DiagEventSubscriptionResource)
reaper_1  |     DELETE  /diag_event/subscription/{id} (io.cassandrareaper.resources.DiagEventSubscriptionResource)
reaper_1  |     GET     /diag_event/subscription/{id} (io.cassandrareaper.resources.DiagEventSubscriptionResource)
reaper_1  |     GET     /jwt (io.cassandrareaper.resources.auth.ShiroJwtProvider)
reaper_1  |     POST    /login (io.cassandrareaper.resources.auth.LoginResource)
reaper_1  |     POST    /logout (io.cassandrareaper.resources.auth.LoginResource)
reaper_1  |     GET     /node/clientRequestLatencies/{clusterName}/{host} (io.cassandrareaper.resources.NodeStatsResource)
reaper_1  |     GET     /node/compactions/{clusterName}/{host} (io.cassandrareaper.resources.NodeStatsResource)
reaper_1  |     GET     /node/dropped/{clusterName}/{host} (io.cassandrareaper.resources.NodeStatsResource)
reaper_1  |     GET     /node/streams/{clusterName}/{host} (io.cassandrareaper.resources.NodeStatsResource)
reaper_1  |     GET     /node/tokens/{clusterName}/{host} (io.cassandrareaper.resources.NodeStatsResource)
reaper_1  |     GET     /node/tpstats/{clusterName}/{host} (io.cassandrareaper.resources.NodeStatsResource)
reaper_1  |     GET     /ping (io.cassandrareaper.resources.PingResource)
reaper_1  |     HEAD    /ping (io.cassandrareaper.resources.PingResource)
reaper_1  |     GET     /reaper/datacenterAvailability (io.cassandrareaper.resources.ReaperResource)
reaper_1  |     GET     /repair_run (io.cassandrareaper.resources.RepairRunResource)
reaper_1  |     POST    /repair_run (io.cassandrareaper.resources.RepairRunResource)
reaper_1  |     GET     /repair_run/cluster/{clusterName} (io.cassandrareaper.resources.RepairRunResource)
reaper_1  |     POST    /repair_run/purge (io.cassandrareaper.resources.RepairRunResource)
reaper_1  |     DELETE  /repair_run/{id} (io.cassandrareaper.resources.RepairRunResource)
reaper_1  |     GET     /repair_run/{id} (io.cassandrareaper.resources.RepairRunResource)
reaper_1  |     PUT     /repair_run/{id}/intensity/{intensity} (io.cassandrareaper.resources.RepairRunResource)
reaper_1  |     GET     /repair_run/{id}/segments (io.cassandrareaper.resources.RepairRunResource)
reaper_1  |     POST    /repair_run/{id}/segments/abort/{segment_id} (io.cassandrareaper.resources.RepairRunResource)
reaper_1  |     PUT     /repair_run/{id}/state/{state} (io.cassandrareaper.resources.RepairRunResource)
reaper_1  |     GET     /repair_schedule (io.cassandrareaper.resources.RepairScheduleResource)
reaper_1  |     POST    /repair_schedule (io.cassandrareaper.resources.RepairScheduleResource)
reaper_1  |     GET     /repair_schedule/cluster/{cluster_name} (io.cassandrareaper.resources.RepairScheduleResource)
reaper_1  |     POST    /repair_schedule/start/{id} (io.cassandrareaper.resources.RepairScheduleResource)
reaper_1  |     GET     /repair_schedule/{clusterName}/{id}/percent_repaired (io.cassandrareaper.resources.RepairScheduleResource)
reaper_1  |     DELETE  /repair_schedule/{id} (io.cassandrareaper.resources.RepairScheduleResource)
reaper_1  |     GET     /repair_schedule/{id} (io.cassandrareaper.resources.RepairScheduleResource)
reaper_1  |     PATCH   /repair_schedule/{id} (io.cassandrareaper.resources.RepairScheduleResource)
reaper_1  |     PUT     /repair_schedule/{id} (io.cassandrareaper.resources.RepairScheduleResource)
reaper_1  |     GET     /snapshot/cluster/{clusterName} (io.cassandrareaper.resources.SnapshotResource)
reaper_1  |     POST    /snapshot/cluster/{clusterName} (io.cassandrareaper.resources.SnapshotResource)
reaper_1  |     GET     /snapshot/cluster/{clusterName}/{host} (io.cassandrareaper.resources.SnapshotResource)
reaper_1  |     POST    /snapshot/cluster/{clusterName}/{host} (io.cassandrareaper.resources.SnapshotResource)
reaper_1  |     DELETE  /snapshot/cluster/{clusterName}/{host}/{snapshotName} (io.cassandrareaper.resources.SnapshotResource)
reaper_1  |     DELETE  /snapshot/cluster/{clusterName}/{snapshotName} (io.cassandrareaper.resources.SnapshotResource)
reaper_1  |
reaper_1  | INFO   [2023-11-15 13:31:00,470] [main] o.e.j.s.h.ContextHandler - Started i.d.j.MutableServletContextHandler@6bda1d19{/,null,AVAILABLE}
reaper_1  | INFO   [2023-11-15 13:31:00,485] [main] i.d.s.AdminEnvironment - tasks =
reaper_1  |
reaper_1  |     POST    /tasks/log-level (io.dropwizard.servlets.tasks.LogConfigurationTask)
reaper_1  |     POST    /tasks/gc (io.dropwizard.servlets.tasks.GarbageCollectionTask)
reaper_1  |
reaper_1  | INFO   [2023-11-15 13:31:00,496] [main] o.e.j.s.h.ContextHandler - Started i.d.j.MutableServletContextHandler@12968227{/,null,AVAILABLE}
reaper_1  | INFO   [2023-11-15 13:31:00,518] [main] o.e.j.s.AbstractConnector - Started application@7f51f588{HTTP/1.1, (http/1.1)}{0.0.0.0:8080}
reaper_1  | INFO   [2023-11-15 13:31:00,520] [main] o.e.j.s.AbstractConnector - Started admin@120350eb{HTTP/1.1, (http/1.1)}{0.0.0.0:8081}
reaper_1  | INFO   [2023-11-15 13:31:00,521] [main] o.e.j.s.Server - Started @7912ms
reaper_1  | INFO   [2023-11-15 13:31:08,073] [dw-36] o.a.s.s.m.AbstractValidatingSessionManager - Enabling session validation scheduler...
Miles-Garnsey commented 1 year ago

I'm attempting to reproduce this issue. I run the following commands from the repo's root directory, based on what is in the tests:

docker buildx build --load -f src/server/src/main/docker/Dockerfile . --tag cassandra-reaper:latest
docker-compose -f ./src/packaging/docker-build/docker-compose.yml build
docker-compose -f ./src/packaging/docker-build/docker-compose.yml run build
VERSION=$(printf 'VER\t${project.version}' | mvn help:evaluate | grep '^VER' | cut -f2)
docker build --build-arg SHADED_JAR=src/server/target/cassandra-reaper-${VERSION}.jar -f src/server/src/main/docker/Dockerfile -t cassandra-reaper:latest .
sudo rm -vfr ./src/packaging/data/
docker-compose -f ./src/packaging/docker-compose.yml up -d cassandra
sleep 30 && docker-compose -f ./src/packaging/docker-compose.yml run cqlsh-initialize-reaper_db
sleep 10 && docker-compose -f ./src/packaging/docker-compose.yml up -d reaper
docker ps -a

# Create cluster
sleep 30 && src/packaging/bin/spreaper login admin
mkdir -p ~/.reaper
        echo "admin" > ~/.reaper/credentials
        sleep 30 && src/packaging/bin/spreaper login admin
        src/packaging/bin/spreaper add-cluster $(docker-compose -f ./src/packaging/docker-compose.yml run nodetool status | grep UN | tr -s ' ' | cut -d' ' -f2) 7199 > cluster.json

We should then see the reaper container running if we run docker ps. When I attempt to log into the Reaper UI, I am able to login with admin:admin as expected.

image

Based on some other discussions with had recently with users who have had login issues, I've also checked that shiro.ini exists in the container:

$ docker exec -it 9cdd08c1f77b bash
$ cat etc/cassandra-reaper/shiro.ini

[main]
sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager
sessionManager.sessionIdCookieEnabled = true
sessionManager.sessionIdCookie.secure = true
sessionManager.sessionIdCookie.sameSite = NONE
securityManager.sessionManager = $sessionManager

rememberMeManager = org.apache.shiro.web.mgt.CookieRememberMeManager
rememberMeManager.cookie.secure = true
rememberMeManager.cookie.sameSite = NONE
securityManager.rememberMeManager = $rememberMeManager

authc = org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter
authc.loginUrl = /webui/login.html

# Java Web Token authentication for REST endpoints
jwtv = io.cassandrareaper.resources.auth.ShiroJwtVerifyingFilter
rest = io.cassandrareaper.resources.auth.RestPermissionsFilter

# Example LDAP realm, see https://shiro.apache.org/static/1.2.4/apidocs/org/apache/shiro/realm/ldap/JndiLdapContextFactory.html
;ldapRealm = org.apache.shiro.realm.ldap.JndiLdapRealm
;ldapRealm.userDnTemplate = uid={0},ou=users,dc=cassandra-reaper,dc=io
;ldapRealm.contextFactory.url = ldap://ldapHost:389
;ldapRealm.contextFactory.authenticationMechanism = DIGEST-MD5
;ldapRealm.contextFactory.systemUsername = cn=Manager, dc=example, dc=com
;ldapRealm.contextFactory.systemPassword = secret
;ldapRealm.contextFactory.environment[java.naming.security.credentials] = ldap_password

# Disable global filters introduced in Shiro 1.6.0 as they break our redirects.
filterChainResolver.globalFilters = null

[roles]
operator = *
user = *:read

[urls]
# Web UI requires manual authentication and session cookie
/webui/ = authc
/webui = authc
/jwt = authc
/webui/*.html* = authc

# login page and all js and css resources do not require authentication
/webui/login.html = anon
/webui/** = anon
/ping = anon
/login = anon

# REST endpoints require a Java Web Token and uses the HttpMethodPermissionFilter for http method level permissions
/cluster/** = noSessionCreation,jwtv,rest[cluster]
/repair_schedule/** = noSessionCreation,jwtv,rest[repair_schedule]
/repair_run/** = noSessionCreation,jwtv,rest[repair_run]
/snapshot/** = noSessionCreation,jwtv,rest[snapshot]
/** = noSessionCreation,jwtv

#  custom authentication will be appended
[users]

You may want to compare the shiro.ini here against yours to confirm the relevant fields match.

My environment is as follows:

REAPER_LOGGING_ROOT_LEVEL=DEBUG
REAPER_AUTO_SCHEDULING_EXCLUDED_CLUSTERS=[test_cluster]
REAPER_AUTO_SCHEDULING_ADAPTIVE=true
REAPER_REPAIR_MANAGER_SCHEDULING_INTERVAL_SECONDS=10
REAPER_AUTO_SCHEDULING_EXCLUDED_KEYSPACES=[test_keyspace]
REAPER_LOGGING_LOGGERS={}
REAPER_REPAIR_PARALELLISM=SEQUENTIAL
REAPER_AUTO_SCHEDULING_PERCENT_UNREPAIRED_THRESHOLD=10
REAPER_DB_PASSWORD=
CRYPTO_SYSTEM_PROPERTY_SECRET=CRYPTO_SECRET
REAPER_SERVER_APP_PORT=8080
REAPER_CASS_ACTIVATE_QUERY_LOGGER=false
REAPER_AUTH_ENABLED=true
REAPER_AUTH_PASSWORD=
REAPER_MAX_PENDING_COMPACTIONS=10
REAPER_JMX_CREDENTIALS=
TERM=xterm
REAPER_ENABLE_CROSS_ORIGIN=true
REAPER_CASS_AUTH_ENABLED=false
REAPER_AUTH_USER=
REAPER_SERVER_ADMIN_BIND_HOST=0.0.0.0
REAPER_INCREMENTAL_REPAIR=true
REAPER_JMX_CONNECTION_TIMEOUT_IN_SECONDS=60
REAPER_CASS_NATIVE_PROTOCOL_SSL_ENCRYPTION_ENABLED=false
REAPER_ENABLE_DYNAMIC_SEED_LIST=false
SHLVL=1
REAPER_SERVER_APP_BIND_HOST=0.0.0.0
REAPER_CASS_KEYSPACE=reaper_db
REAPER_AUTO_SCHEDULING_PERIOD_BETWEEN_POLLS=PT20M
REAPER_METRICS_REPORTERS=[]
REAPER_AUTO_SCHEDULING_SCHEDULE_SPREAD_PERIOD=PT3H
REAPER_METRICS_FREQUENCY=1 minute
REAPER_MAX_PARALLEL_REPAIRS=2
REAPER_LOGGING_APPENDERS_CONSOLE_THRESHOLD=INFO
REAPER_SHIRO_INI=
REAPER_DB_URL=
REAPER_JMX_AUTH_USERNAME=reaperUser
REAPER_CASS_LOCAL_DC=
CRYPTO_SECRET=secret
REAPER_SEGMENT_COUNT_PER_NODE=9
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/lib/jvm/default-jvm/bin
REAPER_CASS_CONTACT_POINTS=["cassandra"]
REAPER_LOGGING_APPENDERS_CONSOLE_LOG_FORMAT="%-6level [%d] [%t] %logger{5} - %msg %n"
REAPER_MGMT_API_METRICS_PORT=9000
REAPER_JMXMP_ENABLED=false
REAPER_SCHEDULE_DAYS_BETWEEN=4
Miles-Garnsey commented 1 year ago

I've tried to log in using a tarball install as well, I can't find any issues there either. I'm going to close this pending further information. If we can get enough info to reproduce I'll happily re-open it.