MAAS 3.2 beta 2/3 bug with redirect and candid auth

adolfo94 · 25 April 2022 11:12

Hi all,
We are trying snap MAAS 3.2-beta3 (beta2 has the same issues) and we encounter two problems.

The first one is related to TLS/Apache proxy.

After the update, If you had configured the TLS using the guide on the docs. When you acces to maas using the port 443 (apache configured) maas will replay with a redirect using the snap port were it’s listening.

curl -i https://maas.mydomain.com/                      
HTTP/1.1 301 Moved Permanently
Date: Mon, 25 Apr 2022 10:44:48 GMT
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Content-Length: 178
Location: https://maas.mydomain.com:5443/MAAS/r/
Strict-Transport-Security: max-age=86400; includeSubdomains

<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx/1.18.0 (Ubuntu)</center>
</body>
</html>

There is any way to configure the maas url, so the snap nginx will return right ?

The second one is related with candid.
If you had configured the authentication with candid, when you acces to maas trough the web UI, you can’t open candid to authenticated. The web browser do a POST to /discharge with a corrupted “id”. This doesn’t happend with the API.

It seems to by a wrong encoded/charset.

billwear · 25 April 2022 19:12

thanks for trapping this. without looking too deeply, i’d say this deserves a bug report. please use this guide to file one, if you don’t mind.

note that the answer might be simpler than that, but this looks like something we need to at least treat as a potential bug until we figure it out.

adolfo94 · 26 April 2022 06:52

Thanks, I will recompile more info and then summit the report to launchpad.

adolfo94 · 11 May 2022 14:41

I self close the post since the bug was solved.

system · 13 May 2022 14:41

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.