Infinite authentication loop after adding basic auth

hi,

i just tried to add basic auth and tls to the api/dashboard site of traefik. TLS is working but basic auth is ending in an infinite auth loop. I used the following configuration options:

traefik.enable: 'true' 
traefik.http.routers.traefik_https.rule: Host(`home`, `home.lan`) 
traefik.http.routers.traefik_https.entrypoints: https 
traefik.http.routers.traefik_https.tls: 'true' 
traefik.http.routers.traefik_https.service: api@internal 
traefik.http.routers.traefik_https.middlewares: basic-auth-global 
traefik.http.middlewares.basic-auth-global.basicauth.users: '<user>:<encodedpasswd>'

I created the encoded passwd by using:

echo $(htpasswd -nB username) | sed -e s/\\$/\\$\\$/g

Any idea what i am doing wrong?

Hi @foxcris,
Thanks for your interest in Traefik.

With the given configuration, I do not manage to find the issue. I booted up a traefik
with your arguments and it works as expected.
Could you provide your configuration files?

Thanks,
Maxence

hi @moutoum,

sorry for the delay. Attached you can find my current configuration files of traefik.

Kind regards,
foxcris

Hi @foxcris,

I do not manage to reproduce the issue. This is the scenario reproducing your use case (with less advanced TLS management) that is working. Could you check you have something similar?

version: '3.7'

services:
  traefik:
    image: traefik:v2.7
    ports:
      - "80:80"
      - "443:443"
    command:
      - --log.level=debug
      - --api.dashboard=true
      - --api.insecure=false
      - --providers.docker.exposedByDefault=false
      - --entrypoints.http.address=:80
      - --entrypoints.http.http.redirections.entrypoint.scheme=https
      - --entrypoints.http.http.redirections.entrypoint.to=https
      - --entrypoints.https.address=:443
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.traefik_https.rule=Host(`localhost`)"
      - "traefik.http.routers.traefik_https.entrypoints=https"
      - "traefik.http.routers.traefik_https.tls=true"
      - "traefik.http.routers.traefik_https.service=api@internal"
      - "traefik.http.routers.traefik_https.middlewares=auth"
      - "traefik.http.middlewares.auth.basicauth.users=toto:$$2y$$05$$S0cQqzm8o.G4bxboJKLHqOQuJyf4h0LOX5M779tGDnxnYArWchaGS"
    tty: true
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro

networks:
  traefik_proxy: {}

EDIT: User password is "toto:toto"

If you do not manage to find the issue, what is this infinite loop exactly? What do you see and where?

Thanks,
Maxence

With my configuration i get the request for the credentials but i cannot get past the authentication request. I am getting the authentication request over and over again.

Same here. I am using Letsencrypt to generate SSL certificates and when I go to my endpoint: https://my.domain.com, I get the infinite loop even after copy pasting the same password. @foxcris Were you able to resolve this issue?

Test with user/pass from simple Traefik example. Note that when supplying the user/pass in labels, some characters like $ need to be escaped with another $.

No, i wasn't able to resolve the issue.