When registering a custom AzureStack cloud (with a custom STS), az login tries to contact STS on 443 instead of using the TCP port specified when registering the cloud.
az cloud register -n Azs --endpoint-active-directory https://login.azs:3001/adfs --endpoint-active-directory-graph-resource-id https://graph.azs:3002/ --endpoint-active-directory-resource-id https://management.azs --endpoint-resource-manager https://resourcemanagerweb.azs:40007 --suffix-storage-endpoint azs --suffix-keyvault-dns vault.azs
az login
Observed:
The command failed with an unexpected error. Here is the traceback:
HTTPSConnectionPool(host='login.azs', port=443): Max retries exceeded with url: /adfs/.well-known/openid-configuration (Caused by ConnectTimeoutError(<urllib3.connection.HTTPSConnection object at 0x04B38718>, 'Connection to login.azs timed out. (connect timeout=None)'))
Traceback (most recent call last):
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\urllib3/connection.py", line 174, in _new_conn
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\urllib3/util/connection.py", line 96, in create_connection
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\urllib3/util/connection.py", line 86, in create_connection
TimeoutError: [WinError 10060] A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\urllib3/connectionpool.py", line 699, in urlopen
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\urllib3/connectionpool.py", line 382, in _make_request
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\urllib3/connectionpool.py", line 1010, in _validate_conn
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\urllib3/connection.py", line 358, in connect
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\urllib3/connection.py", line 179, in _new_conn
urllib3.exceptions.ConnectTimeoutError: (<urllib3.connection.HTTPSConnection object at 0x04B38718>, 'Connection to login.azs timed out. (connect timeout=None)')
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\requests/adapters.py", line 439, in send
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\urllib3/connectionpool.py", line 783, in urlopen
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\urllib3/connectionpool.py", line 755, in urlopen
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\urllib3/util/retry.py", line 574, in increment
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='login.azs', port=443): Max retries exceeded with url: /adfs/.well-known/openid-configuration (Caused by ConnectTimeoutError(<urllib3.connection.HTTPSConnection object at 0x04B38718>, 'Connection to login.azs timed out. (connect timeout=None)'))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\knack/cli.py", line 231, in invoke
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 658, in execute
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 721, in _run_jobs_serially
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 692, in _run_job
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 328, in call
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/command_operation.py", line 121, in handler
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/command_modules/profile/custom.py", line 139, in login
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/_profile.py", line 155, in login
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/auth/identity.py", line 134, in login_with_auth_code
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/auth/identity.py", line 106, in _msal_app
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\msal/application.py", line 1485, in init
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\msal/application.py", line 455, in init
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\msal/authority.py", line 100, in init
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\msal/authority.py", line 160, in tenant_discovery
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\msal/individual_cache.py", line 269, in wrapper
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\requests/sessions.py", line 555, in get
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\requests/sessions.py", line 542, in request
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\requests/sessions.py", line 655, in send
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\requests/adapters.py", line 504, in send
requests.exceptions.ConnectTimeout: HTTPSConnectionPool(host='login.azs', port=443): Max retries exceeded with url: /adfs/.well-known/openid-configuration (Caused by ConnectTimeoutError(<urllib3.connection.HTTPSConnection object at 0x04B38718>, 'Connection to login.azs timed out. (connect timeout=None)'))
Expected:
az login will contact custom STS that was configured with the custom cloud, i.e. https://login.azs:3001 and not https://login.azs:443
When registering a custom AzureStack cloud (with a custom STS), az login tries to contact STS on 443 instead of using the TCP port specified when registering the cloud.
az cloud register -n Azs --endpoint-active-directory https://login.azs:3001/adfs --endpoint-active-directory-graph-resource-id https://graph.azs:3002/ --endpoint-active-directory-resource-id https://management.azs --endpoint-resource-manager https://resourcemanagerweb.azs:40007 --suffix-storage-endpoint azs --suffix-keyvault-dns vault.azs
az login
Observed:
The command failed with an unexpected error. Here is the traceback:
HTTPSConnectionPool(host='login.azs', port=443): Max retries exceeded with url: /adfs/.well-known/openid-configuration (Caused by ConnectTimeoutError(<urllib3.connection.HTTPSConnection object at 0x04B38718>, 'Connection to login.azs timed out. (connect timeout=None)'))
Traceback (most recent call last):
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\urllib3/connection.py", line 174, in _new_conn
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\urllib3/util/connection.py", line 96, in create_connection
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\urllib3/util/connection.py", line 86, in create_connection
TimeoutError: [WinError 10060] A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\urllib3/connectionpool.py", line 699, in urlopen
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\urllib3/connectionpool.py", line 382, in _make_request
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\urllib3/connectionpool.py", line 1010, in _validate_conn
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\urllib3/connection.py", line 358, in connect
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\urllib3/connection.py", line 179, in _new_conn
urllib3.exceptions.ConnectTimeoutError: (<urllib3.connection.HTTPSConnection object at 0x04B38718>, 'Connection to login.azs timed out. (connect timeout=None)')
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\requests/adapters.py", line 439, in send
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\urllib3/connectionpool.py", line 783, in urlopen
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\urllib3/connectionpool.py", line 755, in urlopen
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\urllib3/util/retry.py", line 574, in increment
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='login.azs', port=443): Max retries exceeded with url: /adfs/.well-known/openid-configuration (Caused by ConnectTimeoutError(<urllib3.connection.HTTPSConnection object at 0x04B38718>, 'Connection to login.azs timed out. (connect timeout=None)'))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\knack/cli.py", line 231, in invoke
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 658, in execute
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 721, in _run_jobs_serially
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 692, in _run_job
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 328, in call
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/command_operation.py", line 121, in handler
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/command_modules/profile/custom.py", line 139, in login
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/_profile.py", line 155, in login
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/auth/identity.py", line 134, in login_with_auth_code
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/auth/identity.py", line 106, in _msal_app
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\msal/application.py", line 1485, in init
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\msal/application.py", line 455, in init
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\msal/authority.py", line 100, in init
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\msal/authority.py", line 160, in tenant_discovery
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\msal/individual_cache.py", line 269, in wrapper
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\requests/sessions.py", line 555, in get
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\requests/sessions.py", line 542, in request
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\requests/sessions.py", line 655, in send
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\requests/adapters.py", line 504, in send
requests.exceptions.ConnectTimeout: HTTPSConnectionPool(host='login.azs', port=443): Max retries exceeded with url: /adfs/.well-known/openid-configuration (Caused by ConnectTimeoutError(<urllib3.connection.HTTPSConnection object at 0x04B38718>, 'Connection to login.azs timed out. (connect timeout=None)'))
Expected:
az login will contact custom STS that was configured with the custom cloud, i.e. https://login.azs:3001 and not https://login.azs:443