trinodb / trino-gateway

https://trinodb.github.io/trino-gateway/
Apache License 2.0

Trino Gateway UI ajax calls do not carry Basic Auth headers from the page #476

Open shk3 opened 1 week ago

shk3 commented 1 week ago

Our setup uses Basic Auth for users via a transparent proxy that exchanges the Basic Auth credentials for a JWT token and passes it to the backend. When we have Trino Gateway set up behind this transparent proxy, users would need to provide credentials via Basic Auth, as required for other parts of Trino.

While the Trino Gateway UI can load properly under Basic Auth, it looks like the ajax calls made by this UI do not carry the Basic Auth credentials in the request headers. All the resources (images / css / js files) are loaded properly with Basic Auth credentials inherited from the page itself, but the ajax calls don't carry these credentials.

It seems to me that this might be related to the getHeaders function as defined here: https://github.com/trinodb/trino-gateway/blob/23e832071ecda6e1bede82be7db08d8b1150dead/webapp/src/api/base.ts#L123-L138

I'm not sure how to make it work though, but at this point, our UI is rendered without data because of this header not being carried.

Does anyone else run into this issue too?

mosabua commented 6 days ago

From my limited understanding, this would require Trino Gateway to support JWT token auth. At this stage this is not the case.

I am not sure if adding the basic auth credentials to the ajax calls would solve your issue but you could try and if it works send a PR.

shk3 commented 6 days ago

> From my limited understanding, this would require Trino Gateway to support JWT token auth. At this stage this is not the case.
>
> I am not sure if adding the basic auth credentials to the ajax calls would solve your issue but you could try and if it works send a PR.

For our use case, we are not expecting Trino Gateway to use the basic auth creds for its own authentication. Our setup has a basic auth to protect the whole domain, and the fact that the ajax calls don't carry basic auth creds causes these calls to get HTTP 401.

I have tried to fix it myself but cannot find a way to propagate the basic creds with my limited frontend knowledge.

oneonestar commented 4 days ago

The current implementation is: