Forward auth doesn't redirect back

sisuser1987 · April 27, 2020, 10:28pm

hi, I am trying to setup auth using forward auth middleware. The auth server is running in same docker cluster. A request is able to hit the auth server url, but never resumes the flow from auth middleware in traefik.

The result it that original request, example /user gets redirected to /verify on auth server and it return 200/OK to original request. I was expecting the original request to resume the flow once auth server returns 200/OK.

Does the auth server need to handle redirection to original request or am I missing something in config here?

Here is my config:

traefik:
    image: traefik:v2.1.2
    command: 
      - --entryPoints.http.address=:80
      - --entryPoints.https.address=:443
      - --providers.docker.exposedByDefault=false
      - --accesslog=true 
    ports:
      - "80:80"
      - "443:443"
      - "8080:8080"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock   
      - ./traefik/traefik.toml:/etc/traefik/traefik.toml
      - ./traefik/traefik.config.toml:/etc/traefik/traefik.config.toml
      - ./certs:/etc/certs
    labels:
      - "traefik.http.routers.traefik.rule=Host(`${HOST}`) && (PathPrefix(`/services/traefik`) || PathPrefix(`/api`))"
      - "traefik.http.routers.traefik.service=api@internal"
      - "traefik.http.routers.traefik.entrypoints=https"
      - "traefik.http.routers.traefik.tls=true"
      - "traefik.http.routers.traefik.middlewares=strip, auth"
      - "traefik.http.middlewares.strip.stripprefix.prefixes=/services/traefik"
      - "traefik.http.middlewares.auth.basicauth.users=admin:admin"
      - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
      - "traefik.http.routers.redirs.rule=hostregexp(`{host:.+}`)"
      - "traefik.http.routers.redirs.entrypoints=http"
      - "traefik.http.routers.redirs.middlewares=redirect-to-https"

auth:
    build: ./auth
    ports:
      - 8100
    labels:
      - "traefik.enable=true"    
      - "traefik.http.routers.auth.rule=Host(`${HOST`) && PathPrefix(`/microservice/auth`)"
      - "traefik.http.routers.auth.entrypoints=https"
      - "traefik.http.routers.auth.tls=true"

user:
    build: ./user
    ports:
      - 8100
    labels:
      - "traefik.enable=true"    
      - "traefik.http.routers.user.rule=Host(`${HOST`) && PathPrefix(`/microservice/user`)"
      - "traefik.http.routers.user.entrypoints=https"
      - "traefik.http.routers.user.tls=true"
      - "traefik.http.routers.user.middlewares=authme"
      - "traefik.http.middlewares.authme.forwardauth.address=http://HOST/microservice/auth/verify"
      - "traefik.http.middlewares.authme.forwardauth.trustForwardHeader=true"
      - "traefik.http.middlewares.authme.forwardauth.authResponseHeaders=X-Forward-Auth-User, X-Forward-Auth-User-Role"

alex1 · December 9, 2021, 9:23am

Hello,
Did you find finally the cause of the issue ? Did you resolved it ?
Thanks

Topic		Replies	Views
Traefik foward auth / dotnet core / identityserver Traefik v2 (latest) docker	0	1505	January 10, 2020
Forward Auth with own Auth Server Traefik v2 (latest) middleware	1	543	May 29, 2021
Middleware forwardauth does not apply Traefik v2 (latest) file	12	4265	October 1, 2019
Traefik 2.0 middleware does not apply Traefik v2 (latest) docker	10	3467	October 10, 2019
Traefik "authForward" middleware with Auth0 as external auth/autho server Traefik v2 (latest) middleware	3	819	September 22, 2023

Forward auth doesn't redirect back

Related Topics