Hello,
I deployed MAAS and configured Auth to use Candid without Rbac.
When i hit the page http://MAAS_VIP:5240/MAAS/r/, it auto spawn a Candid login page on a new window(http://MAAS_VIP:8081/login-redirect…)
I login on that new window with credentials and it returns like “You are now logged in as admin, you can now close the window”.
However when i closed the Candid login window, the maas windows doesn’t refresh automatically.
Is there something i’m missing here?
I used this command to configure MAAS to point to Candid. I’m using maas version 3.4.3-14361-g.56ec7f0c23-0ubuntu1~22.04.1 and candid v1.8.1 799.
maas configauth --rbac-url ‘’ --candid-agent-file /var/snap/candid/799/admin.keys --candid-domain ‘example.com’ --candid-admin-group admin,group1
Any takers? I’m able to authenticate with Candid but MAAS UI is not refreshing.
Upgraded to the latest maas version 3.5.0-16308-g.c799a1080-0ubuntu1~22.04.1 and issue persist.
Candid is able to authenticate a user but MAAs Web UI doesn’t refresh the login page.
Using MAAS cli shows an error - “third party refused dischargex: discharge failed with code 500”
here is the logs
==> /var/snap/candid/common/logs/candid.access.log <==
172.21.65.193 - - [16/Aug/2024:15:13:15 -0400] “GET /discharge/info HTTP/1.1” 200 72 “” “python-requests/2.25.1”
==> http/access.log <==
172.21.65.193 - - [16/Aug/2024:15:13:15 -0400] “POST /MAAS/api/2.0/account/?op=create_authorisation_token HTTP/1.1” 401 1047 “-” “python-requests/2.25.1”
==> /var/snap/candid/common/logs/candid.access.log <==
172.21.65.193 - - [16/Aug/2024:15:13:15 -0400] “POST /discharge HTTP/1.1” 401 1046 “” “python-requests/2.25.1”
172.21.65.193 - - [16/Aug/2024:15:13:16 -0400] “GET /login?did=3467e6f5a2324f4aa1e91b1e30228bdd4e965aaa634a072e6ee8927003bde088&domain=example.com HTTP/1.1” 307 238 “” “ELinks/0.13.2 (textmode; Linux 5.15.0-117-generic x86_64; 112x19-2)”
172.21.65.193 - - [16/Aug/2024:15:13:16 -0400] “GET /login-redirect?domain=example.com&return_to=https%3A%2F%2Flxutlutildevs57.example.com%3A8081%2Flogin-complete&state=CyhcfXbsJPTyonHTSXa4_613qfEyZJxI5wZdHHlIM-I HTTP/1.1” 200 1651 “https://lxutlutildevs57.example.com:8081/login?did=3467e6f5a2324f4aa1e91b1e30228bdd4e965aaa634a072e6ee8927003bde088&domain=example.com” “ELinks/0.13.2 (textmode; Linux 5.15.0-117-generic x86_64; 112x19-2)”
172.21.65.193 - - [16/Aug/2024:15:13:16 -0400] “GET /static/css/vanilla-framework-version-2.24.1.min.css HTTP/1.1” 200 247102 “https://lxutlutildevs57.example.com:8081/login-redirect?domain=example.com&return_to=https%3A%2F%2Flxutlutildevs57.example.com%3A8081%2Flogin-complete&state=CyhcfXbsJPTyonHTSXa4_613qfEyZJxI5wZdHHlIM-I” “ELinks/0.13.2 (textmode; Linux 5.15.0-117-generic x86_64; 112x19-2)”
172.21.65.193 - - [16/Aug/2024:15:13:16 -0400] “GET /static/css/vanilla.css HTTP/1.1” 200 1344 “https://lxutlutildevs57.example.com:8081/login-redirect?domain=example.com&return_to=https%3A%2F%2Flxutlutildevs57.example.com%3A8081%2Flogin-complete&state=CyhcfXbsJPTyonHTSXa4_613qfEyZJxI5wZdHHlIM-I” “ELinks/0.13.2 (textmode; Linux 5.15.0-117-generic x86_64; 112x19-2)”
172.21.65.193 - - [16/Aug/2024:15:13:28 -0400] “GET /login/static/login?state=fp-DDIgzrTKvvjY96T8_WVe2-dZtvk_u9JIuLj3MvXI HTTP/1.1” 200 1641 “https://lxutlutildevs57.example.com:8081/login-redirect?domain=example.com&return_to=https%3A%2F%2Flxutlutildevs57.example.com%3A8081%2Flogin-complete&state=CyhcfXbsJPTyonHTSXa4_613qfEyZJxI5wZdHHlIM-I” “ELinks/0.13.2 (textmode; Linux 5.15.0-117-generic x86_64; 112x19-2)”
==> http/access.log <==
172.21.65.193 - - [16/Aug/2024:15:13:29 -0400] “GET /MAAS/rpc/ HTTP/1.1” 200 244 “-” “provisioningserver.rpc.clusterservice.ClusterClientService”
==> /var/snap/candid/common/logs/candid.access.log <==
172.21.65.193 - - [16/Aug/2024:15:13:43 -0400] “POST /login/static/login?state=fp-DDIgzrTKvvjY96T8_WVe2-dZtvk_u9JIuLj3MvXI HTTP/1.1” 303 0 “https://lxutlutildevs57.example.com:8081/login/static/login?state=fp-DDIgzrTKvvjY96T8_WVe2-dZtvk_u9JIuLj3MvXI” “ELinks/0.13.2 (textmode; Linux 5.15.0-117-generic x86_64; 112x19-2)”
172.21.65.193 - - [16/Aug/2024:15:13:43 -0400] “GET /login-complete?code=CoBARIdfze3IqkwEg-ko5fKz728D1E7kau6J3Fwcmfo&state=CyhcfXbsJPTyonHTSXa4_613qfEyZJxI5wZdHHlIM-I HTTP/1.1” 200 1081 “https://lxutlutildevs57.example.com:8081/login/static/login?state=fp-DDIgzrTKvvjY96T8_WVe2-dZtvk_u9JIuLj3MvXI” “ELinks/0.13.2 (textmode; Linux 5.15.0-117-generic x86_64; 112x19-2)”
172.21.65.193 - - [16/Aug/2024:15:13:53 -0400] “GET /wait-token?did=3467e6f5a2324f4aa1e91b1e30228bdd4e965aaa634a072e6ee8927003bde088 HTTP/1.1” 200 252 “” “python-requests/2.25.1”
172.21.65.193 - - [16/Aug/2024:15:13:54 -0400] “POST /discharge HTTP/1.1” 500 110 “” “python-requests/2.25.1”
misconfigured configauth of maas. this is good now.
1 Like
Hi,
I’m new to MAAS, i’m trying to create new user with super-admin access, but admin access is not allowed for new user. can you please let me know, how can we fix the issue.
I am also facing similar issue where i am able to login and MAAS UI is loading for where as others are getting below as attached, where we all are part of same issue, any suggestions how we can metigate this ?
