WSS Authentication failure

olds463 · September 1, 2016, 2:02pm

Howdy,

I have an nginx proxy infront of my rancher instance serving HTTPS which is setup per the rancher documentation. I am trying to authenticate to a WSS socket at myhost/v1/projects/1a39/subscribe?eventNames=resource.change.

Using HTML5 websockets my connection string is like so:

var ws = new WebSocket("wss://apikey:secretkey@myhost/v1/projects/1a39/subscribe?eventNames=resource.change");

However, in javascript console I receive the following error:

failed: HTTP Authentication failed; no valid credentials available

I am basing this off of this gist

What am I doing wrong here?

olds463 · September 1, 2016, 3:22pm

so it turns out most browsers dont support the authorization header for Websockets, which is this issue. One way I can determine is to pass a JWT token into the URL, but how does this work with the API? Posting to /v1/token requires a local user?

vincent · September 1, 2016, 3:42pm

Token takes a code, which has a meaning that depends on the auth provider configured, but it is not possible to generate a token from an API key.

The straightforward solution is to proxy the request and add the authorization header there; here’s the proxy that’s in the UI for development: https://github.com/rancher/ui/blob/master/server/proxies/api.js#L18-L25

olds463 · September 1, 2016, 3:51pm

Thanks @vincent. Kind of the solution I thought of when fetching lunch. Wasn’t sure if their was a more native approach or not.

Regards

Topic		Replies	Views
Websocket authentication Rancher	3	2394	November 8, 2018
Rancher API wss connection Rancher 1.x	3	2755	May 25, 2016
External websocket access from a 3rd party application Rancher 1.x	20	5691	July 25, 2016
Websocket connections ha cluster: HTTP Auth failed Rancher 1.x	0	1094	September 23, 2016
Difficulty authenticating websocket connection Rancher	1	390	December 24, 2020

WSS Authentication failure

Related topics