hello
I have a problem when i try to have a SSO between nginx 1.10.3 and graylog 2.5.0
this is my configuration for nginx: /etc/nginx/sites-available/reverseProxy
location / {
auth_basic “Restricted Access”;
auth_basic_user_file “/etc/nginx/.htpasswd”;
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
}
location /graylog {
auth_basic "Restricted Access";
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header Remote-User $remote_user;
#proxy_set_header X-Forwarded-User $remote_user;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Graylog-Server-URL http://1.0.0.10/graylog/api;
proxy_set_header X-Requested-By $remote_addr;
proxy_pass http://1.15.15.15:9001/graylog;
}
and my configuration for grafana : /etc/graylog/server/server.conf
rest_listen_uri = http://1.15.15.15:9001/graylog/api
web_listen_uri = http://1.15.15.15:9001/graylog
the problem is, when i log on with internet explorer the SSO work perfectly, but when i try to log on with mozilla firefox or chrome, I am authenticated with the user “undefined” and i don’t know why ??
and this is the log of graylog i found:
2019-02-01T12:54:18.678+01:00 DEBUG [ModularRealmAuthenticator] Realm [org.graylog.plugins.auth.sso.SsoAuthRealm@534ef0b4] does not support token org.apache.shiro.auhc.UsernamePasswordToken - XXXXX, rememberMe=false (192.168.30.126). Skipping realm.
but i don’t know how to solve this issue, how can i disable: org.apache.shiro.auhc.UsernamePasswordToken
please help me…
- Graylog Version: 2.5.0
- Plugin Version: 2.5.0
- Nginx: 1.10.3
- Elasticsearch: 6.5.3
- MongoDB Version: 4.0.4
- Operating System: debian 9.6
- Browser version: mozilla 64.4.0.2
thank very much for your help: