Dear Hector, Thanks for trying out the Reverse Proxy configuration. I modified my proxy configuration as you instructed.
When I navigated to: https://localhost:9999/sunstone I received the following: Forbidden You don't have permission to access /sunstone on this server. Apache Error Log File: [Wed Dec 21 19:20:34 2011] [error] [client 10.1.0.3] client denied by server configuration: /var/www/sunstone [Wed Dec 21 19:20:34 2011] [error] [client 10.1.0.3] client denied by server configuration: /var/www/favicon.ico Apache Access Log File: 10.1.0.3 - - [21/Dec/2011:19:20:34 -0600] "GET /sunstone HTTP/1.1" 403 9208 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US) 10.1.0.3 - - [21/Dec/2011:19:20:34 -0600] "GET /favicon.ico HTTP/1.1" 403 340 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US) When I navigated to: https://localhost:9999/sunstone/ I received the correct log-in window, CSS, JS, and all: The OpenNebula Cloud Operations Center Apache Error Log File: [Wed Dec 21 20:19:13 2011] [error] [client 10.1.0.3] client denied by server configuration: /var/www/favicon.ico Apache Access Log File: 10.1.0.3 - - [21/Dec/2011:20:19:07 -0600] "GET /sunstone/images/opennebula-sunstone-big.png HTTP/1.1" 200 16880 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US) 10.1.0.3 - - [21/Dec/2011:20:19:07 -0600] "GET /sunstone/images/login.png HTTP/1.1" 200 4186 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US) 10.1.0.3 - - [21/Dec/2011:20:19:07 -0600] "GET /sunstone/images/login_over.png HTTP/1.1" 200 3690 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US) 10.1.0.3 - - [21/Dec/2011:20:19:07 -0600] "GET /sunstone/images/panel.png HTTP/1.1" 200 2362 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US) 10.1.0.3 - - [21/Dec/2011:20:19:13 -0600] "GET /sunstone/ HTTP/1.1" 200 836 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US) 10.1.0.3 - - [21/Dec/2011:20:19:13 -0600] "GET /sunstone/css/login.css HTTP/1.1" 200 1396 "https://localhost:9999/sunstone/"; "Mozilla/5.0 (X11; U; Linux i686; en-US) 10.1.0.3 - - [21/Dec/2011:20:19:13 -0600] "GET /sunstone/images/opennebula-sunstone-big.png HTTP/1.1" 200 223 "https://localhost:9999/sunstone/"; "Mozilla/5.0 (X11; U; Linux i686; en-US) 10.1.0.3 - - [21/Dec/2011:20:19:13 -0600] "GET /sunstone/images/panel.png HTTP/1.1" 200 138 "https://localhost:9999/sunstone/"; "Mozilla/5.0 (X11; U; Linux i686; en-US) 10.1.0.3 - - [21/Dec/2011:20:19:13 -0600] "GET /sunstone/images/login.png HTTP/1.1" 200 138 "https://localhost:9999/sunstone/"; "Mozilla/5.0 (X11; U; Linux i686; en-US) 10.1.0.3 - - [21/Dec/2011:20:19:13 -0600] "GET /favicon.ico HTTP/1.1" 403 404 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US) I still can't log into Sunstone. The only other thing I see is the following error on the Chrome Developer Tools: opennebula.js:480 Uncaught SyntaxError: Unexpected token delete -- Hutson Betts Computer Science and Engineering Texas A&M University On Sun, 2011-12-18 at 22:29 +0100, Hector Sanjuan wrote: > Hi, > > I've tried your reverse proxy configuration and it does not work for me > unless I put a slash at the end of "/sunstone": > ! > <Location /sunstone/> > ProxyPass http://localhost:9869/ ttl=60 > ProxyPassReverse http://localhost:9869/ > </Location> > > Otherwise no .js and no .css load for me (im not sure why css does load > for you). The url to access must be "sunstone.server:port/sunstone/" with > a / at the end too. > > Can you try it? Thanks, > > Hector > > > En Sun, 18 Dec 2011 04:34:24 +0100, Hutson Betts <[email protected]> > escribió: > > > I'm currently having an issue logging into the Sunstone web interface > > using Sunstone's basic authentication. > > > > Visually, I can see the login panel just fine. However, when I enter in > > the credentials for the "oneadmin" user and press "Login", I am brought > > back to the login page with the following URL: > > https://localhost:9999/sunstone/?username=oneadmin&password=[PASSWORD] > > > > Now, my setup is a little convoluted to say the least. > > > > My Sunstone configuration file, /etc/one/sunstone-server.conf, is the > > following: > > # OpenNebula sever contact information > > :one_xmlrpc: http://localhost:2633/RPC2 > > # Server Configuration > > :host: 127.0.0.1 > > :port: 9869 > > :auth: basic > > # VNC Configuration > > :vnc_proxy_base_port: 29876 > > :novnc_path: /usr/share/one/noVNC > > > > My Apache site configuration file is the following: > > <IfModule mod_ssl.c> > > <VirtualHost _default_:443> > > ... > > <IfModule mod_proxy.c> > > <Location /occi> > > ProxyPass http://localhost:4567/ ttl=60 > > ProxyPassReverse http://localhost:4567/ > > </Location> > > </IfModule> > > > > <IfModule mod_proxy.c> > > <Location /sunstone> > > ProxyPass http://localhost:9869/ ttl=60 > > ProxyPassReverse http://localhost:9869/ > > </Location> > > </IfModule> > > ... > > > > I know the site configuration works just fine when interacting with the > > OCCI proxy. > > > > To gain access to the Sunstone server, I have to use SSH > > port-forwarding: > > ssh -A -L 9999:[OPENNEBULA SERVER]:443 [USERNAME]@[SERVER] > > > > > > The Sunstone log file shows the following: > > == Sinatra/1.3.1 has taken the stage on 9869 for development with backup > > from Thin > > 10.1.0.3 - - [17/Dec/2011 21:12:46] "GET / HTTP/1.1" 200 1518 0.0060 > > 10.1.0.3 - - [17/Dec/2011 21:12:48] "GET // HTTP/1.1" 200 1518 0.0016 > > 10.1.0.3 - - [17/Dec/2011 21:12:48] "GET //css/login.css HTTP/1.1" 200 > > 4056 0.0026 > > 10.1.0.3 - - [17/Dec/2011 21:12:48] > > "GET //images/opennebula-sunstone-big.png HTTP/1.1" 200 8084 0.0014 > > 10.1.0.3 - - [17/Dec/2011 21:12:48] "GET //images/panel.png HTTP/1.1" > > 200 5227 0.0018 > > 10.1.0.3 - - [17/Dec/2011 21:12:48] "GET //images/login.png HTTP/1.1" > > 200 4097 0.0011 > > 10.1.0.3 - - [17/Dec/2011 21:12:51] "GET //images/login.png HTTP/1.1" > > 200 4097 0.0013 > > 10.1.0.3 - - [17/Dec/2011 21:12:52] "GET //images/panel.png HTTP/1.1" > > 200 5227 0.0024 > > 10.1.0.3 - - [17/Dec/2011 21:12:52] > > "GET //images/opennebula-sunstone-big.png HTTP/1.1" 200 8084 0.0013 > > 10.1.0.3 - - [17/Dec/2011 21:12:58] "GET //images/login_over.png > > HTTP/1.1" 200 4351 0.0013 > > 10.1.0.3 - - [17/Dec/2011 21:12:59] > > "GET //?username=oneadmin&password=[PASSWORD] HTTP/1.1" 200 1518 0.0017 > > 10.1.0.3 - - [17/Dec/2011 21:13:11] > > "GET //?username=oneadmin&password=[PASSWORD] HTTP/1.1" 200 1518 0.0019 > > 127.0.0.1 - - [17/Dec/2011 21:19:14] > > "GET //?username=oneadmin&password=[PASSWORD] HTTP/1.1" 200 1518 0.0018 > > 10.1.0.3 - - [17/Dec/2011 21:21:13] > > "GET //?username=oneadmin&password=[PASSWORD] HTTP/1.1" 200 1518 0.0016 > > 10.1.0.3 - - [17/Dec/2011 21:21:13] "GET //css/login.css HTTP/1.1" 200 > > 4056 0.0011 > > 10.1.0.3 - - [17/Dec/2011 21:21:13] > > "GET //images/opennebula-sunstone-big.png HTTP/1.1" 200 8084 0.0012 > > 10.1.0.3 - - [17/Dec/2011 21:21:13] "GET //images/panel.png HTTP/1.1" > > 200 5227 0.0012 > > 10.1.0.3 - - [17/Dec/2011 21:21:13] "GET //images/login.png HTTP/1.1" > > 200 4097 0.0016 > > > > > > Apache log files on the server hosting Sunstone: > > 10.1.0.3 - - [17/Dec/2011:21:21:13 -0600] > > "GET /sunstone/?username=oneadmin&password=[PASSWORD] HTTP/1.1" 200 9461 > > "https://localhost:9999/sunstone/?username=oneadmin&password=[PASSWORD]"; > > "Mozilla/5.0 (X11; U; Linux i686; en-US) AppleWebKit/534.3 (KHTML, like > > Gecko) Chrome/6.0.472.63 Safari/534.3" > > > > 10.1.0.3 - - [17/Dec/2011:21:21:13 -0600] "GET /sunstone/css/login.css > > HTTP/1.1" 200 1428 > > "https://localhost:9999/sunstone/?username=oneadmin&password=[PASSWORD]"; > > "Mozilla/5.0 (X11; U; Linux i686; en-US) AppleWebKit/534.3 (KHTML, like > > Gecko) Chrome/6.0.472.63 Safari/534.3" > > > > 10.1.0.3 - - [17/Dec/2011:21:21:13 -0600] > > "GET /sunstone/images/opennebula-sunstone-big.png HTTP/1.1" 200 8223 > > "https://localhost:9999/sunstone/?username=oneadmin&password=[PASSWORD]"; > > "Mozilla/5.0 (X11; U; Linux i686; en-US) AppleWebKit/534.3 (KHTML, like > > Gecko) Chrome/6.0.472.63 Safari/534.3" > > > > 10.1.0.3 - - [17/Dec/2011:21:21:13 -0600] > > "GET /sunstone/images/panel.png HTTP/1.1" 200 3146 > > "https://localhost:9999/sunstone/?username=oneadmin&password=[PASSWORD]"; > > "Mozilla/5.0 (X11; U; Linux i686; en-US) AppleWebKit/534.3 (KHTML, like > > Gecko) Chrome/6.0.472.63 Safari/534.3" > > > > 10.1.0.3 - - [17/Dec/2011:21:21:13 -0600] > > "GET /sunstone/images/login.png HTTP/1.1" 200 3450 > > "https://localhost:9999/sunstone/?username=oneadmin&password=[PASSWORD]"; > > "Mozilla/5.0 (X11; U; Linux i686; en-US) AppleWebKit/534.3 (KHTML, like > > Gecko) Chrome/6.0.472.63 Safari/534.3" > > > > 10.1.0.3 - - [17/Dec/2011:21:21:14 -0600] "GET /favicon.ico HTTP/1.1" > > 403 404 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US) AppleWebKit/534.3 > > (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3" > > > > > > Lastly, I'm hoping that having the username and password has parameters > > in the URL is part of the issue I'm having. Having those values as > > parameters in the URL means that they are logged in both Sunstone logs > > and Apache logs. Some what of a security issue/concern. > > > >
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Users mailing list [email protected] http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
