preauthenticated "Authorization is required"

7 views
Skip to first unread message

William Edsall

unread,
Apr 4, 2022, 9:05:01 AMApr 4
to rundeck-discuss
Hi team,

 Hoping someone can help point me in the right direction.

I'm just trying to test preauthentication with headers. I believe the headers are being sent, but no matter what rundeck says Error Authentication is Required. 

Apache:
<Location /rundeck>

        RequestHeader set X-Forwarded-Uuid testadmin
        RequestHeader set X-Forwarded-Roles admin,test
        ProxyPass  http://localhost:4440/
        ProxyPassReverse http://localhost:4440/
</Location>

rundeck-config.properties:
rundeck.security.authorization.preauthenticated.enabled=true
rundeck.security.authorization.preauthenticated.attributeName=REMOTE_USER_GROUPS
rundeck.security.authorization.preauthenticated.delimiter=,
rundeck.security.authorization.preauthenticated.userNameHeader=X-Forwarded-Uuid
rundeck.security.authorization.preauthenticated.userRolesHeader=X-Forwarded-Roles

Rundeck version = rundeck-4.0.0.20220322

Should this be sufficient to test preauth with headers? 

Thanks
William

William Edsall

unread,
Apr 4, 2022, 9:25:38 AMApr 4
to rundeck-discuss
Hello,
 A quick follow up - this is no longer an issue. I reinstalled Rundeck from scratch and it seemed to solve. Must have been a stray configuration change.

The next thing that tripped me up was handling REMOTE_USER for preauthentication. Would love to hear how some of you are handling preauthentication w/Apache. I have a solution but it's not elegant - the challenge seems to be doing any sort of logic with REMOTE_USER because authentication is processed after if/else statements. If I want to say set a specific user to an admin but everyone else to users - that's where it seemed to get tricky.
Reply all
Reply to author
Forward
0 new messages