WARNING keystone.server.flask.application [req-b12c1bfd-b976-44aa-993f-f17468df750d - - - - -] Authorization failed. The request you have made requires authentication. from 10.0.0.12: keystone.exception.Unauthorized: The request you have made requires authentication.
I can't solve this problem I'm new in this field
Related
I'm currently running into an OAuth token endpoint failure using the AspNet.Security.OAuth.Discord library during login after Discord has authenticated me and returned to my ASP.NET site. The code for authentication is detailed below, with full error logs and relevant controller, with all this running in a docker container. Any help would be greatly appreciated!
The exact error is AspNet.Security.OAuth.Discord.DiscordAuthenticationHandler[4]: Error from RemoteAuthentication: OAuth token endpoint failure: Status: BadRequest. This occurs after visiting http://.../login, which returns to the default /signin-discord URL of the library, with an expected parameter of code in /signin-discord?code=.....
Authentication Scheme when creating WebApplication:
MVC Controller:
Error Logs:
Seemingly fixed by putting app.UseAuthentication(); below app.UseRouting(); and above app.UseAuthorization(); and app.UseEndpoints();
I am using JFrog Artifactory 7.5.7 installed on CentOS 7.
I am facing an issue with "Remember Me" feature on the login page, when I select it the login fails and I get the following error on the UI:
500 Server Error
An unexpected error has occurred and your request could not be completed.Please try again and in case this problem persists contact your system administrator.
From the browser's Developer Tools > Network trace I see the following request is failing:
Request URL:https:// Server Name /ui/api/v1/ui/auth/login?_spring_security_remember_me=true
Request Method:POST
Remote Address:xxx.xxx.xxx.xxx
Status Code:502
I can see that request in few different Artifactory logs, but no hints so as to why it fails.
Do you have any tips how to further troubleshoot that issue?
Thanks in advance!
Seeing the same thing on 7.5.7
Chrome debug:
Request URL:
https://INTERNAL_HOSTNAME/ui/api/v1/ui/auth/login?_spring_security_remember_me=true
Request Method: POST Status Code: 502 Remote Address:
INTERNAL_IP:443 Referrer Policy: no-referrer
Relevant log entry:
2020-07-10T04:31:56.696Z [jfac ] [INFO ] [4db58a22a87c78cb]
[j.a.s.s.t.TokenServiceImpl:405] [27.0.0.1-8040-exec-6] - Deleted 1
tokens with user: 'noe.gonzalez' and scope
'authentication:remember-me'.
Seems like the token/session is getting revoked even when checking the "remember me" box on homepage.
The issue got fixed after upgrading the artifactory to 7.6.3
This happens in Artifactory 7.5.8 too. Getting this event logged in the console.log - [j.a.s.s.t.TokenServiceImpl:405] [7.0.0.1-8040-exec-10] - Deleted 1 tokens with user: '' and scope 'authentication:remember-me'.
Tried this in Incognito in FF, but it still throws the same error. The UI shows '500 Server Error' where as the web console says its a '502 Bad Gateway' from the Nginx server.
Unchecking 'remember me' checkbox when logging in is the way around.
I'm trying to connect my wso2 API manager to external LDAP/Active Directory. LDAP connection is fine but I'm getting this error while starting the server.
9714 is SSL port
[2018-07-13 14:52:03,250] ERROR - JMSListener Unable to continue server startup as it seems the JMS Provider is not yet started. Please start the JMS provider now.
[2018-07-13 14:52:03,251] ERROR - JMSListener Connection attempt : 5 for JMS Provider failed. Next retry in 320 seconds
[2018-07-13 14:52:27,889] WARN - DataEndpointGroup No receiver is reachable at reconnection, will try to reconnect every 30 sec
[2018-07-13 14:52:27,906] INFO - DataBridge user admin connected
[2018-07-13 14:52:27,914] ERROR - AuthenticationServiceImpl Invalid User : admin
[2018-07-13 14:52:27,915] ERROR - DataEndpointConnectionWorker Error while trying to connect to the endpoint. Cannot borrow client for ssl://10.10.183.27:9714.
org.wso2.carbon.databridge.agent.exception.DataEndpointLoginException: Cannot borrow client for ssl://10.10.183.27:9714.
at org.wso2.carbon.databridge.agent.endpoint.DataEndpointConnectionWorker.connect(DataEndpointConnectionWorker.java:134)
at org.wso2.carbon.databridge.agent.endpoint.DataEndpointConnectionWorker.run(DataEndpointConnectionWorker.java:59)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Caused by: org.wso2.carbon.databridge.agent.exception.DataEndpointLoginException:
Error while trying to login to data receiver :/10.10.183.27:9714
at org.wso2.carbon.databridge.agent.endpoint.binary.BinaryDataEndpoint.login(BinaryDataEndpoint.java:50) at org.wso2.carbon.databridge.agent.endpoint.DataEndpointConnectionWorker.connect(DataEndpointConnectionWorker.java:128)
... 6 more
This error usually is due to the Analytics configuration or Throttling configuration.
Try to disable the Analytics publisher in the api-manager.xml file, if enabled, or review the connection details under DASServerUrl element.
<Analytics>
<!-- Enable Analytics for API Manager -->
<Enabled>false</Enabled>
<!-- Server URL of the remote DAS/CEP server used to collect statistics. Must
be specified in protocol://hostname:port/ format.
An event can also be published to multiple Receiver Groups each having 1 or more receivers. Receiver
Groups are delimited by curly braces whereas receivers are delimited by commas.
Ex - Multiple Receivers within a single group
tcp://localhost:7612/,tcp://localhost:7613/,tcp://localhost:7614/
Ex - Multiple Receiver Groups with two receivers each
{tcp://localhost:7612/,tcp://localhost:7613},{tcp://localhost:7712/,tcp://localhost:7713/} -->
<DASServerURL>{tcp://localhost:7612}</DASServerURL>
<!--DASAuthServerURL>{ssl://localhost:7712}</DASAuthServerURL-->
<!-- Administrator username to login to the remote DAS server. -->
<DASUsername>${admin.username}</DASUsername>
<!-- Administrator password to login to the remote DAS server. -->
<DASPassword>${admin.password}</DASPassword>
You can also try to disable, or review the configuration in ReceiverUrlGroup and AuthUrlGroup, of the Advanced Throttling feature.
<ThrottlingConfigurations>
<EnableAdvanceThrottling>false</EnableAdvanceThrottling>
<DataPublisher>
<Enabled>true</Enabled>
<Type>Binary</Type>
<ReceiverUrlGroup>tcp://${carbon.local.ip}:${receiver.url.port}</ReceiverUrlGroup>
<AuthUrlGroup>ssl://${carbon.local.ip}:${auth.url.port}</AuthUrlGroup>
<Username>${admin.username}</Username>
<Password>${admin.password}</Password>
I faced the same issue. Check the log of traffic manager, if there arn't any exceptions. Kill & start traffic manager helped me.
After configuring the solr server, the solr server could be reached
Connection:The Solr server could be reached (latency: 4.6079622039795 ms).
But the extra information gives me :
An error occurred while trying to retrieve additional information from the Solr server: "401" Status: Unauthorized: Unauthorized<html><head><title>Apache Tomcat/7.0.28 - Error report</title><style><!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : black;}HR {color : #525D76;}--></style> </head><body><h1>HTTP Status 401 - </h1><HR size="1" noshade="noshade"><p><b>type</b> Status report</p><p><b>message</b> <u></u></p><p><b>description</b> <u>This request requires HTTP authentication ().</u></p><HR size="1" noshade="noshade"><h3>Apache Tomcat/7.0.28</h3></body></html>.
I can't figure out what the problem is. Someone knows how to solve this?
The error is generated by Tomcat - the application server that hosts Solr (and possibly other Java web applications). It has been configured to require authenticated clients (through HTTP auth) from the host you're requesting the content from (or for accessing the Solr resource).
You'll have to reconfigure Tomcat to allow connections to Solr or supply a username / password (.. and make sure you can access the URL to the Solr server in your own browser first).
I resolved it by inserting a username and password in the section:
BASIC HTTP AUTHENTICATION
If your Solr server is protected by basic HTTP authentication, enter the login data here.
However I get a new error:
You are using an incompatible schema.xml configuration file. Please follow the instructions in the INSTALL.txt file for setting up Solr.
I'm setting up a new PC and I installed my project to work with. It is a .NET Remoting 2.0 application that uses the ASP.NET development server to host the server side while developing. I'm getting the following error when I make requests to the server:
"The remote server returned an error: (403) Forbidden. "
I've checked the credentials being passed in and everything seems to be correct. The call is all local to my dev box and to top it off. The code hasnt' changed and all of my colleagues are working fine. Any ideas?
OK. I've found the answer ... better part of a day shot though. Turns out the 403 error is thrown by one of our channel sink providers that filters on IP values. The channel sink provider was written with some big assumptions.
First off, it is looking for the address of the calling machine and comparing it to an ip whitelist. The author blindly gathered the first first entry in the list:
Dns.GetHostEntry(machineName).AddressList[0].Address
Turns out on my new machine, I have IPv6 enabled, so the first entry is actually the IPv6 entry. After referencing the MSDN, I discovered that the Address property is now "Obsolete", for obvious reasons.
What is the error subcode?
403 - Forbidden. IIS defines several different 403 errors that indicate a more specific cause of the error:
• 403.1 - Execute access forbidden.
• 403.2 - Read access forbidden.
• 403.3 - Write access forbidden.
• 403.4 - SSL required.
• 403.5 - SSL 128 required.
• 403.6 - IP address rejected.
• 403.7 - Client certificate required.
• 403.8 - Site access denied.
• 403.9 - Too many users.
• 403.10 - Invalid configuration.
• 403.11 - Password change.
• 403.12 - Mapper denied access.
• 403.13 - Client certificate revoked.
• 403.14 - Directory listing denied.
• 403.15 - Client Access Licenses exceeded.
• 403.16 - Client certificate is untrusted or invalid.
• 403.17 - Client certificate has expired or is not yet valid.
• 403.18 - Cannot execute requested URL in the current application pool. This error code is specific to IIS 6.0.
• 403.19 - Cannot execute CGIs for the client in this application pool. This error code is specific to IIS 6.0.
• 403.20 - Passport logon failed. This error code is specific to IIS 6.0.