Hi,
This is just a follow-up of my yesterday's question. I figured this might be more explicit.
I'm hitting this error while hitting:
http://fabric8.apps.intrinsic.world/workspaces/default/forge/command/project-newThe console reports not being able to call the following endpoint:
https://paas.intrinsic.world:8443/api/v1/proxy/namespaces/default/services/fabric8-forge/api/forge/command/validate/project-new?secret=candide&secretNamespace=user-secrets-source-adminWhen I open it in a separate browser window, I get:
{
"kind": "Status",
"apiVersion": "v1",
"metadata": {},
"status": "Failure",
"message": "User \"system:anonymous\" cannot \"proxy\" \"services\" with name \"fabric8-forge\" in project \"default\"",
"reason": "Forbidden",
"details": {
"name": "fabric8-forge",
"kind": "services"
},
"code": 403
}
I don't even know how to start debugging this problem. I'd love to have some pointers. What it looks like is that the user I'm authenticated with (admin) has not propagated the authentication context to the point where it calls the above URL. I struggled to get fabric8 to work on a master-node setup and had to go through great length to make sure that authentication worked while the fabric8 app is running on the node and authentication actually takes place on the master. I suspect that, perhaps, the session token is not available everywhere it is needed.
I feel doomed :-/ Please help.
Candide