Chaining backends does not work

Melok · May 24, 2022, 11:22am

I have this configuration in config.yml file:

authc:
      internal_auth:
        order: 4
        description: "HTTP basic authentication using the internal user database"
        http_enabled: true
        transport_enabled: true
        http_authenticator:
          type: basic
          challenge: true
        authentication_backend:
          type: internal
      kerberos_auth_domain:
        http_enabled: true
        order: 2
        http_authenticator:
          type: kerberos
          challenge: true
          config:
            krb_debug: true
            strip_realm_from_principal: true
        authentication_backend:
          type: noop

but when I try to login by admin:admin (curl -v -XGET https://localhost:9200 -u 'admin:admin' --insecure) - I get response {"error":{"header":{"WWW-Authenticate":"Negotiate"}}}.
How can I auth by internal user?

Anthony · May 24, 2022, 12:24pm

Hi @Melok You have configured internal auth as order 4, but your order 2 (kerberos) has challenge flag set to true, meaning it will never get past order 2.

Hope this helps

Melok · May 24, 2022, 2:03pm

It’s works for me. Thanks

Topic		Replies	Views
Proxy auth doesn't work Security	2	808	February 17, 2021
V: 1.13 - SAML and Basic Auth will not co-exist Security	2	546	February 19, 2021
Ordering of authentication sequences Security	2	792	April 10, 2021
Getting spam on log : Invalid 'Authorization' header, send 401 and 'WWW-Authenticate Basic' Security	5	1809	May 20, 2021
Error in Auth with SAML using Authentik Security troubleshoot , security-issue	11	371	October 14, 2024

Chaining backends does not work

Related topics