ForwardAuth does not pass X-Forwarded-Uri

Traefik Traefik v2 (latest)
1

When using the forwardAuth middleware for endpoints the targeted auth service does not receive the original URL.

I was expecting this to be passed from traefik to the external auth service via the x-forwarded-uri header.

Is this a bug in the 2.0 release or is there a setting I am missing ????

Here are the headers that are passed to the auth service

x-forwarded-for: "10.255.0.29"
x-forwarded-host: "subdomain.domain.tld"
x-forwarded-port: "443"
x-forwarded-proto: "https"
x-forwarded-server: "65dbbd9dba71"
x-real-ip: "10.255.0.29"
x-requested-with: "XMLHttpRequest"

Here is my re-usable forwardAuth middleware labels.

- "traefik.http.middlewares.jwt-auth.forwardauth.address=https://subdomain.domain.tld/api/v1/auth"
- "traefik.http.middlewares.jwt-auth.forwardauth.tls.insecureSkipVerify=true"
- "traefik.http.middlewares.jwt-auth.forwardauth.trustForwardHeader=true"
- "traefik.http.middlewares.jwt-auth.forwardauth.authResponseHeaders=X-Auth-Token, X-User-Id"
2

Hello,

I think your problem can be solved by trusting X-Forwarded header:

https://docs.traefik.io/v2.0/routing/entrypoints/#forwarded-header

3

Thanks @ldez

By adding

      - --entryPoints.web.forwardedHeaders.insecure
      - --entryPoints.websecure.forwardedHeaders.insecure

I am now able to receive the X-Forwarded-Uri at the authentication endpoint.