I am trying to connect in a websocket via browser (javascript) in order to consume a Log and I am having no success. The error message is HTTP Authentication failed; no valid credentials available.
I already generate a token and when I test it via Postman I can connect using Authorizatior Bearer <token>.
I tried inserting the token in the URL: wss://token-xxxxx:xxxxxxxxxxxxxxxxxxx@rancher.tks.sh...
As a query parameter: wss://rancher.tks.sh...&token=token-xxxxx:xxxxxxxxxxxxxxxxxxx
Inside the connection: new WebSocket(wss://rancher.tks.sh…, ['access_token', token=token-xxxxx:xxxxxxxxxxxxxxxxxxx'']);
And none of these approaches has succeeded.
Just to mention, if I am logged-in in another tab in Rancher, I can consume the log, but probably because the browser send the cookies with the authorization.
Browsers don’t send basic auth to the server (wss://token-...:...@host is just ignored), and the server does not accept a token anywhere other than the Authorization header (the rest).
It also should be verifying that the Origin header is the same as the Host header, so even if you had a way to pass valid credentials just opening a socket to a different domain won’t work. And for HTTP requests there’s no CORS headers sent…
I have similar question! I am trying to access the Rancher 2.0 api from a web application in another domain and I am getting cors errors. I was able to get an ingress that sets the cors headers when trying to access web server that I created and deployed to the cluster. However, I am not sure how to configure an ingress for allow cors when trying to access the Rancher API.