This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Report] Reports not working with OIDC auth #14330
Comments
cc @nytai |
cc @dpgaspar |
what's the value for |
What? Can't see this variable in the docs 🤔 🙃 |
Just double checked it is there: https://superset.apache.org/docs/installation/alerts-reports Were you able to make it work? |
It's written under "Old Reports feature (version 0.38 and below)" but it's still relevant? Weird Anyway: I've tried to set it up BUT There's another error
Maybe It's caused by the fact we are using OIDC login (https://stackoverflow.com/questions/54010314/using-keycloakopenid-connect-with-apache-superset ... this solution bcs solution in your docs were not working too - same as this feature)
|
@dusatvoj good point regarding the docs, We'll fix it. Are you using docker? have you executed the curl from inside the container? |
No, I have dedicated VM for superset ... and I've executed |
it should not be OIDC since your still using session cookies. that's what the worker is generating for |
yes, on the same machine |
ok, do you have geckodriver installed and firefox or chromedriver and chrome? |
I have installed
(I've switched experimentally to |
|
What should be configured in |
@dpgaspar I've found a solution. There were issue with bad |
There's related log from celery ...
|
@dusatvoj if you login to your server/container are you able to launch |
It looks that |
I'm troubleshooting firefox right now, it seems that everything works just fine with Solved that one with:
did you do this to solve one of your first problems? regarding the timeout to |
I've solved permissions issue by changing Headless browser is redirected to
and after that it's redirected to Keycloak instance (OIDC provider) ...
... and again and again ... ( |
I see so it may be because of: https://github.com/apache/superset/blob/master/superset/utils/machine_auth.py#L53 |
@dpgaspar
I am running it in the virtual environment without docker we have LDAP enabled , i have the property |
@dpgaspar |
@CountRedClaw good WA but not enough 😕 I still cant generate because of the cookie 🤔 Do you have an idea how to set it properly? |
@dpgaspar , thanks for the hint. It might even suffice to overwrite the webdriver auth function (defined by WEBDRIVER_AUTH_FUNC). We use Azure as OAuth provider and any /login request is redirected there and then selenium times out. Works perfectly, when we added this to our superset_config.py:
|
what's the solution for this? |
There's just a workaround with nonexistent url |
I am facing the same issue. Can someone tell me what to add to superset config to enable TRACE level logging for the geckodriver so that I can see why I am getting this error:
|
I found the logs listing HTTP requests in the main superset app container. The chart is not loading with 401 status.
The default |
I'm using self-hosted keycloak and the workaround from @heul 's comment. It works as expected. |
So @heul 's solution now works for me. The problem was I did not set THUMBNAIL_SELENIUM_USER. The default "Admin" was being used, but I had deactivated that account. |
This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
Can't send Report emails with error
Report Schedule sellenium user not found
.Expected results
Can send Report emails
Actual results
Almost nothing in logs but
Report Schedule sellenium user not found
error in reports action log.Screenshots
How to reproduce the bug
Setup smth like this
in config but no emails sent (or tried to send).
Environment
(please complete the following information):
Superset 1.1.0
Python 3.8.7
v12.21.0
Checklist
Make sure to follow these steps before submitting your issue - thank you!
Additional context
(every hour)
The text was updated successfully, but these errors were encountered: