Comments (4)
Are you seeing a log when the request is received?
What provider are you using?
from traefik-forward-auth.
@thomseddon thanks for taking the time to respond! No I'm not seeing no request in the logs at the moment it's timing out. At the same time (doing a simultaneous ping) the host is still reachable, so from the first idea it won't seem like core network issues.
If I'm correct a request to a Traefik backend with traefik-forward-auth follows the following path (presuming a valid cookie is set already). My traefik-forward-auth container name is 'auth-trusted'.
- connect to Traefik IP with SNI target.example.com
- redirect to internal traefik.frontend.auth.forward.address=http://auth-trusted:4181
- validate the cookie and redirect to Traefik IP with SNI target example.com
- Traefik redirects the request to the hostname:port defined for target.example.com
Is that correct? I'm trying to see where in this path there might be something going wrong...
from traefik-forward-auth.
This can be closed - the source of the problem was assymetric routing causing packets not to arrive at the right destination.
from traefik-forward-auth.
Hi,
I have Traefik configured behind MetalLB and I'm experiencing timeouts as well on my HTTP and TCP connections. Would you mind going into more detail about how you determined that you were getting assymetric routing with packets not arriving at the intended destination? Perhaps it may shed some light on the issue we are seeing.
Thanks in advance,
Kavita
from traefik-forward-auth.
Related Issues (20)
- On redirect Traefik-forward-auth strips away any existing query-params after successfully authenticating (oauth)
- Google OAuth Set CSRF cookie and redirected to provider login url HOT 4
- Not found "_oauth" with Azure provider HOT 1
- Use docker secrets for environment variables HOT 2
- Feature request: Pull information about groups of user HOT 1
- How to check for token revocation?
- Safe deployment HOT 1
- multiple whitelist users in rules doesn't work HOT 1
- go-compiler Multiple Vulnerabilities
- whitelist rule not working with arm64 images or images <= 2.2
- Invalid Cookie should point to a recoverable state
- oidc: issuer did not match the issuer returned by provider HOT 2
- oidc: id token signed with unsupported algorithm, expected ["RS256"] got "ES384" HOT 2
- 404 not found after Successful Sign in HOT 2
- Endless loop when using OIDC (cognito) as provider ERR_TOO_MANY_REDIRECTS HOT 3
- Missing Binary Files (and Instructions)
- Device code flow support
- Whitelist is case sensitive
- Getting this error when trying to install via truecharts HOT 1
- Trim the whitelisted emails
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from traefik-forward-auth.