New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Api behind Basic authentication and NTLM authentication #39

Open
zychj1 opened this Issue Nov 20, 2015 · 62 comments

Comments

Projects
None yet
@zychj1

zychj1 commented Nov 20, 2015

Hi, I have api on iis server behind basic windows authentication and i cannot use cors. So I tried to use this module but however I configure it I cannot log into api and I get 401 every time

I tried

    server.middleware = proxyMiddleware(
        '/api',
        {
            target: 'API_HOST',
            logLevel: 'debug'
        }
    );
    server.middleware = proxyMiddleware(
        '/api',
        {
            target: 'API_HOST',
            logLevel: 'debug',
            auth: 'LOGIN:PASS'
        }
    );
    server.middleware = proxyMiddleware(
        '/api',
        {
            target: 'http://LOGIN:PASS@API_HOST',
            logLevel: 'debug'
        }
    );
@chimurai

This comment has been minimized.

Owner

chimurai commented Nov 20, 2015

Hi, I haven't used the auth option personally yet.

the auth option is provided by the underlying http-proxy library.
Did a search in their https://github.com/nodejitsu/node-http-proxy/tree/master/examples, but I could not find any examples how to use the auth option.

But I did found a unit test:
https://github.com/nodejitsu/node-http-proxy/blob/302d981dd2cf06dbf751b1f64e3dfea08d0f9476/test/lib-http-proxy-passes-web-incoming-test.js#L303

Their unit test looks like the 2nd case you've provided.

Is 'API_HOST' really your target?
the target should include the http: or https: protocol

@chimurai

This comment has been minimized.

Owner

chimurai commented Nov 20, 2015

You could try setting changeOrigin to true and see if that helps.

server.middleware = proxyMiddleware(
  '/api',
  {
    target: 'API_HOST',
    logLevel: 'debug',
    auth: 'LOGIN:PASS',
    changeOrigin: true
  }
);
@zychj1

This comment has been minimized.

zychj1 commented Nov 25, 2015

Yep API HOST is really my target, when i go to localhost:3000/api uri directly in the browser i get 401 error page and requests are forwarded to correct url but i cannot authorize.
i get something in header like:

 connection:close
 content-type:text/html
 date:Wed, 25 Nov 2015 06:53:58 GMT
 server:Microsoft-IIS/7.5
 Transfer-Encoding:chunked
 www-authenticate:Negotiate, NTLM
 x-powered-by:ASP.NET

from browse ajax request:

 access-control-allow-credentials:true
 access-control-allow-headers:Origin,X-Requested-With,Content-Type,Accept
 access-control-allow-methods:GET,HEAD,POST,PUT,DELETE,OPTIONS
 access-control-allow-origin:http://localhost:3000
 connection:close
 content-length:1293
 content-type:text/html
 date:Wed, 25 Nov 2015 07:00:03 GMT
 server:Microsoft-IIS/7.5
 www-authenticate:Negotiate, NTLM
 x-powered-by:ASP.NET
@chimurai

This comment has been minimized.

Owner

chimurai commented Nov 25, 2015

http-proxy-middleware uses http-proxy to do the actual proxy work.

This is what I found in their NTLM authentication example:
https://github.com/nodejitsu/node-http-proxy/blob/master/examples/http/ntlm-authentication.js

You'll have to modify the headers.
The http-proxy proxyRes event is exposed via the http-proxy-middlware option: onProxyRes.
Example: https://github.com/chimurai/http-proxy-middleware/blob/master/recipes/onProxyRes.md

If I combine the two examples you'll get this config:

var proxyMiddleware = require("http-proxy-middleware");

var onProxyRes = function (proxyRes, req, res) {
     var key = 'www-authenticate';
     proxyRes.headers[key] = proxyRes.headers[key] && proxyRes.headers[key].split(',');
};

var options = {
    target: 'API_HOST',
    logLevel: 'debug',
    auth: 'LOGIN:PASS',
    onProxyRes: onProxyRes
};

var proxy = proxyMiddleware('/api', options);

Let me know if this works.

If it doesn't, you might want to ask the question at: https://github.com/nodejitsu/node-http-proxy/issues; since the authentication part is handled by the http-proxy library.

@zychj1

This comment has been minimized.

zychj1 commented Nov 26, 2015

I can see some progress for

    var onProxyRes = function (proxyRes, req, res) {
        var key = 'www-authenticate';
        proxyRes.headers[key] = proxyRes.headers[key] && proxyRes.headers[key].split(',');
    };

    server.middleware = proxyMiddleware(
        '/api',
        {
            target: 'API_HOST',
            logLevel: 'debug',
            auth: 'login:pass',
            onProxyRes: onProxyRes
        }
    );

right now on going on localhost:3000/api is infinite authorization popup, i will ask on the other project as You suggest

@chimurai

This comment has been minimized.

Owner

chimurai commented Nov 26, 2015

That sounds promising.

I noticed the usage of agentkeepalive in their example;

Did a search on the nuts and bolts of the NTLM Authentication Scheme:
http://www.innovation.ch/personal/ronald/ntlm.html

NTLM Authentication Scheme for HTTP

Keeping the connection alive

This scheme authenticates connections, not requests. This manifests itself in that the network connection must be kept alive during the second part of the handshake

This explains why 'keep alive' is needed.

Updated configuration:

var Agent = require('agentkeepalive');
var proxyMiddleware = require("http-proxy-middleware");

var keepaliveAgent =  new Agent({
    maxSockets: 100,
    keepAlive: true,
    maxFreeSockets: 10,
    keepAliveMsecs:1000,
    timeout: 60000,
    keepAliveTimeout: 30000 // free socket keepalive for 30 seconds
});

var onProxyRes = function (proxyRes, req, res) {
     var key = 'www-authenticate';
     proxyRes.headers[key] = proxyRes.headers[key] && proxyRes.headers[key].split(',');
};

var options = {
    target: 'API_HOST',
    logLevel: 'debug',
    auth: 'LOGIN:PASS',
    agent: keepaliveAgent,
    onProxyRes: onProxyRes
};

var proxy = proxyMiddleware('/api', options);
@chimurai

This comment has been minimized.

Owner

chimurai commented Dec 4, 2015

@zychj1 any progress on this issue?

@pierreconstantial

This comment has been minimized.

pierreconstantial commented Apr 25, 2016

@chimurai I run in exactly the same problem and I can confirm that the configuration provided in your comment from Nov 26, 2015 (with keepalive and header rewriting) is solving the issue. Many thanks!

@chimurai

This comment has been minimized.

Owner

chimurai commented Apr 25, 2016

@pierreconstantial
Glad to hear the example NTLM configuration solves the issue.
Thanks for the confirmation!

@chimurai chimurai added question and removed awaiting response labels Apr 25, 2016

@chimurai chimurai changed the title from Api behind basic auth to Api behind Basic authentication and NTLM authentication Apr 25, 2016

@EladBezalel

This comment has been minimized.

EladBezalel commented Nov 14, 2016

hey @chimurai i'm having the same problem discussed on nodejs/node#8004,
I've tried to use the same configuration as here and also use the simple Agent with keepAlive option of node's http module.

I'm using webpack-dev-server with the proxy property and having a WebApi server with NTLM authentication.

Thanks ahead for your help!

@chimurai

This comment has been minimized.

Owner

chimurai commented Nov 14, 2016

@EladBezalel can you provide a minimal setup in which the problem is exposed?

@EladBezalel

This comment has been minimized.

EladBezalel commented Nov 14, 2016

In my webpack.js:

{
  devServer: {
    '/api/*': {
      target: 'http://localhost:12121',
      logLevel: 'debug',
      agent: new Agent({
        maxSockets: 100,
        keepAlive: true,
        maxFreeSockets: 10,
        keepAliveMsecs:1000,
        timeout: 60000,
        keepAliveTimeout: 30000 // free socket keepalive for 30 seconds
     }),
     onProxyRes: proxyRes => {
        var key = 'www-authenticate';
        proxyRes.headers[key] = proxyRes.headers[key] && proxyRes.headers[key].split(',');
      }
    }
  }
}
@chimurai

This comment has been minimized.

Owner

chimurai commented Nov 14, 2016

Are you using agentkeepalive as Agent? (example)

var Agent = require('agentkeepalive');
@EladBezalel

This comment has been minimized.

EladBezalel commented Nov 14, 2016

Yes I am

@chimurai

This comment has been minimized.

Owner

chimurai commented Nov 14, 2016

Not sure what causes the issue; Kinda turns into a guessing game...
Can you provide a minimal working example?

@EladBezalel

This comment has been minimized.

EladBezalel commented Nov 14, 2016

I'll try to have it tomorrow, I also tried it without webpack-dev-server just simple express and the middleware and got the same error..

@EladBezalel

This comment has been minimized.

EladBezalel commented Nov 16, 2016

Here it is: https://ufile.io/c3215
Three zips in there -

  1. proxy - the express server using http-proxy-middleware
  2. owin - source code of the c# console application using Owin that answers any request with status 200
  3. Debug - the exe of the owin server (listening in port 12345)

Run the owin server exe, and on your browser go to http://localhost:12345/api/whatever and see that you get a page with {"status":"ok"} in it,
now go to http://localhost:3000/api/whatever and see how the proxy server dies with the same error from above..

thanks!

@chimurai

This comment has been minimized.

Owner

chimurai commented Nov 16, 2016

Thanks for the effort!
This is what I see when I turn on the node debug logging:

$ NODE_DEBUG=http,net node index.js

[HPM] Proxy created: /  ->  http://localhost:12345
[HPM] Subscribed to http-proxy events:  [ 'proxyRes', 'error', 'close' ]
NET 4776: listen2 null 3000 4 false undefined
NET 4776: _listen2: create a handle
NET 4776: bind to ::
NET 4776: onconnection
NET 4776: _read
NET 4776: Socket._read readStart
HTTP 4776: SERVER new http connection
[HPM] GET /api/whatever -> http://localhost:12345
NET 4776: createConnection [ { keepAliveTimeout: 30000,
    timeout: 60000,
    keepAliveMsecs: 1000,
    maxFreeSockets: 10,
    keepAlive: true,
    maxSockets: 100,
    path: null,
    localAddress: undefined,
    agent:
     Agent {
       domain: null,
       _events: [Object],
       _eventsCount: 4,
       _maxListeners: undefined,
       defaultPort: 80,
       protocol: 'http:',
       options: [Object],
       requests: {},
       sockets: [Object],
       freeSockets: {},
       keepAliveMsecs: 1000,
       keepAlive: true,
       keepAliveTimeout: 30000,
       timeout: 60000,
       maxSockets: 100,
       maxFreeSockets: 10,
       createSocketCount: 0,
       closeSocketCount: 0,
       errorSocketCount: 0,
       requestCount: 0,
       timeoutSocketCount: 0 },
    headers:
     { 'accept-language': 'en-US,en;q=0.8,nl;q=0.6',
       'accept-encoding': 'gzip, deflate, sdch',
       dnt: '1',
       accept: 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8',
       'user-agent': 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.99 Safari/537.36',
       'upgrade-insecure-requests': '1',
       'cache-control': 'max-age=0',
       connection: 'keep-alive',
       host: 'localhost:3000' },
    method: 'GET',
    secureProtocol: undefined,
    ciphers: undefined,
    ca: undefined,
    cert: undefined,
    passphrase: undefined,
    key: undefined,
    pfx: undefined,
    socketPath: undefined,
    hostname: 'localhost',
    host: 'localhost',
    port: '12345',
    servername: 'localhost',
    encoding: null } ]
NET 4776: pipe false null
NET 4776: connect: find host localhost
NET 4776: connect: dns options { family: undefined, hints: 1024 }
HTTP 4776: SERVER socketOnParserExecute 426
NET 4776: _read
NET 4776: _read wait for connection
HTTP 4776: outgoing message end.
NET 4776: afterConnect
NET 4776: _read
NET 4776: Socket._read readStart
NET 4776: onread 140
NET 4776: got data
HTTP 4776: AGENT incoming response!
HTTP 4776: AGENT isHeadResponse false
NET 4776: _read
HTTP 4776: AGENT socket keep-alive
HTTP 4776: outgoing message end.
[HPM] GET /api/whatever -> http://localhost:12345
HTTP 4776: SERVER socketOnParserExecute 524
_stream_writable.js:361
  cb();
  ^

TypeError: cb is not a function
    at afterWrite (_stream_writable.js:361:3)
    at onwrite (_stream_writable.js:352:7)
    at WritableState.onwrite (_stream_writable.js:89:5)
    at Socket._writeGeneric (net.js:714:5)
    at Socket._write (net.js:724:8)
    at doWrite (_stream_writable.js:307:12)
    at writeOrBuffer (_stream_writable.js:293:5)
    at Socket.Writable.write (_stream_writable.js:220:11)
    at Socket.write (net.js:650:40)
    at ClientRequest.OutgoingMessage._writeRaw (_http_outgoing.js:167:23)
@chimurai

This comment has been minimized.

Owner

chimurai commented Nov 16, 2016

This might be a Node issue.

Found this thread: nodejs/node#8650

Think your isolated example might be really helpful to solve the issue.

@oshri551

This comment has been minimized.

oshri551 commented Jan 1, 2017

Hey @chimurai , I used you settings as described above but still stuck on the infinite authentication popup before those settings it was 401.

my web api authentication is as follow: <authentication mode="Windows"/>

devServer: {
      port: METADATA.port,
      host: METADATA.host,
      historyApiFallback: true,
      watchOptions: {
        aggregateTimeout: 300,
        poll: 1000
      },
      proxy: {
        '/api': {
          target: 'http://localhost:4640/',
          logLevel: 'debug',
          agent: new Agent({
            maxSockets: 100,
            keepAlive: true,
            maxFreeSockets: 10,
            keepAliveMsecs:1000,
            timeout: 60000,
            keepAliveTimeout: 30000 // free socket keepalive for 30 seconds
          }),
          onProxyRes: proxyRes => {
            console.log("onProxyRes event", proxyRes);
            var key = 'www-authenticate';
            proxyRes.headers[key] = proxyRes.headers[key] && proxyRes.headers[key].split(',');
          }
        }
      }
    }

@chimurai chimurai reopened this Jan 11, 2017

@chimurai

This comment has been minimized.

Owner

chimurai commented Jan 11, 2017

Reopening this issue, since multiple users are facing this issue. Hopefully someone more knowledgeable on Node + NTLM can help you guys out.

@EladBezalel

This comment has been minimized.

EladBezalel commented Mar 6, 2017

@oshri551 When the major version is 0, it doesn't automatically upgrade patches, simply because it's considered pre-release and can break at any time..
I haven't got time to check it out, but i plan doing it this week so i'd keep you posted

@ktersius

This comment has been minimized.

ktersius commented Mar 7, 2017

@oshri551
@EladBezalel
@chimurai

Also not working here, getting infinite popup loop.

I can also confirm that my http-proxy-middleware is at version 0.17.4 and using webpack-dev-server 2.4.1

Webpack config

proxy: {
    "/api": {
        target: PROXYTARGET,
        changeOrigin: true,
        logLevel: 'debug',
        agent: new Agent({
            maxSockets: 100,
            keepAlive: true,
            maxFreeSockets: 10,
            keepAliveMsecs: 1000,
            timeout: 60000,
            keepAliveTimeout: 30000 // free socket keepalive for 30 seconds
        }),
        onProxyRes: proxyRes => {
            var key = 'www-authenticate';
            proxyRes.headers[key] = proxyRes.headers[key] && proxyRes.headers[key].split(',');
        }
    }
}
@EladBezalel

This comment has been minimized.

EladBezalel commented Mar 21, 2017

It's working! Thank you very much @chimurai

@charleshetier

This comment has been minimized.

charleshetier commented Apr 7, 2017

Hello,

@chimurai
I keep having the authentication popup on my side. I fecthed the last version of webpack-dev-server.

I managed to create a little step by step process to reproduce the issue.
I pushed it on a github project here:
https://github.com/charleshetier/bench.ntlm.webpackserver

The readme contains the information on how to have the authentication popup. It may appear very weird but this is the only way I found to have this unwanted authentication popup almost for sure.

my agent (keepaliveagent) is setup this way:

return new Agent({
    maxSockets: 100, 
    keepAlive: true,
    maxFreeSockets: 1024,
    keepAliveMsecs:1000,
    timeout: 10000,    
    keepAliveTimeout: 5000   
  });

from the shrinkwrap, the http-proxy-middleware version is: 0.17.4

The server works only on windows...

Am I doing something wrong here?...
Thanks a lot

@Hammer82

This comment has been minimized.

Hammer82 commented Apr 10, 2017

Hello,
Is there any known solution for windows authentication when using webpack dev server? I have tried to configure it in the same way as proposed earlier in this thread, but I still keep having the authentication popup.

@bac42x

This comment has been minimized.

bac42x commented Apr 10, 2017

@Hammer82, I was only able to solve it by modifying the server. In my case, this meant intercepting the OPTIONS request in our OWIN WebApi service by using the HttpListener.AuthenticationSchemeSelectorDelegate. I could not find a way to solve it from the client.

@fayezmm

This comment has been minimized.

fayezmm commented Apr 23, 2017

Hello, Any news about webpack-dev-server support yet ?

@bjg96

This comment has been minimized.

bjg96 commented Apr 24, 2017

I think I found a solution to the infinite popups, I simply changed the maxSockets to 1. Probably not the best solution but it seems to work.

My Agent is set up this way:

return new Agent({
    maxSockets: 1, 
    keepAlive: true,
    maxFreeSockets: 10,
    keepAliveMsecs:100000,
    timeout: 600000,
    keepAliveTimeout: 90000   
  });

Hope that helps!

@imsontosh

This comment has been minimized.

imsontosh commented Apr 25, 2017

Hello, Any news about webpack-dev-server support yet ?

@charleshetier

This comment has been minimized.

charleshetier commented Apr 25, 2017

@bjg96 Maybe it solves the problem in your specific context and this could be a clue to understand why it doesn't work in some specific cases.
However as far as I understood the way the agent works, with maxsockets to 1, you won't be able to handle simultaneous requests.
I mean the popup will appear if you are making 2 ajax requests at the same time for example

@Hammer82

This comment has been minimized.

Hammer82 commented Apr 25, 2017

I havet still not found any solution for my implementation, so I decided for the moment to not use Windows authentication combined with webpack dev server.

@chimurai

This comment has been minimized.

Owner

chimurai commented Apr 25, 2017

Reopening issue since not all NTLM issues seem to be resolved.

@charleshetier Would be great if you can reproduce the issue in a vanilla setup. (Example: #39 (comment))

Curious if the issue persists in your demo setup: https://github.com/charleshetier/bench.ntlm.webpackserver

@chimurai chimurai reopened this Apr 25, 2017

@jndietz

This comment has been minimized.

jndietz commented Jun 8, 2017

My recommendation is that you replace webpack-dev-server with express, webpack-hot-middleware and webpack-dev-middleware. I am able to hit my secured API endpoints with the express proxy and then serve my React app with the other two middleware packages. It requires a bit more configuration, but it works really well for me.

This is my server.js configuration:

var webpack = require("webpack");
var Agent = require("agentkeepalive");
//var WebpackDevServer = require('webpack-dev-server');
var config = require("./webpack.config.js")({});
var https = require("https");
var proxy = require('http-proxy-middleware');
const express = require("express");
const webpackDevMiddleware = require("webpack-dev-middleware");
const webpackHotMiddleware = require("webpack-hot-middleware");

var app = express();
var compiler = webpack(config);

app.use('/api', proxy(
      {
        target: 'http://localhost:58065/',
        changeOrigin: true,
        agent: new Agent({
            maxSockets: 100,
            keepAlive: true,
            maxFreeSockets: 10,
            keepAliveMsecs: 100000,
            timeout: 6000000,
            keepAliveTimeout: 90000 // free socket keepalive for 90 seconds
        }),
        onProxyRes: onProxyRes = (proxyRes) => {
            var key = 'www-authenticate';
            proxyRes.headers[key] = proxyRes.headers[key] && proxyRes.headers[key].split(',');
        }
    }
));

app.use(webpackDevMiddleware(compiler,
    {
      hot: true,
      historyApiFallback: true,
      contentBase: config.output.path,
      publicPath: config.output.publicPath,
      headers: { 'Access-Control-Allow-Origin': '*' }
    }));

app.use(webpackHotMiddleware(compiler, {}));

app.listen(7071, 'localhost', function (err, result) {
  if (err) {
    return console.log(err);
  }
  console.log('Webpack Dev Server is fired up!!');
});

Just realized this may not help with Basic authentication or anything, but I couldn't even get Windows Integrated authentication working with webpack-dev-server.

@imsontosh

This comment has been minimized.

imsontosh commented Jun 12, 2017

@jndietz Can you please confirm if its working with windows integrated authentication ??

@jndietz

This comment has been minimized.

jndietz commented Jun 12, 2017

It is working for me. I can try to put together a demo project that utilizes all the libraries needed.

@jndietz

This comment has been minimized.

jndietz commented Jun 12, 2017

@imsontosh Here is a small project that utilizes express, webpack-dev-middleware, http-proxy-middleware

https://github.com/jndietz/csharp-windows-auth

Let me know if you are wanting to know something specific and I'll try to help out.

@imsontosh

This comment has been minimized.

imsontosh commented Jun 20, 2017

@jndietz Thanks for your effort. Working like charm. Cheers 👍

@jalaz

This comment has been minimized.

jalaz commented Aug 18, 2017

@jndietz, thanks for creating the example.

I noticed an interesting behavior running it. When a request takes a long time to run - it forces a user to enter credentials every time it receives a subsequent request. I basically experience the same issue running angular-cli proxy which uses webpack with http-proxy-middleware.

It is easy to reproduce if you put Thread.Sleep(TimeSpan.FromSeconds(5)); in the controller action and try to trigger an API action several times.

Do you have any ideas why it could be happening and how could be resolved?

CC @chimurai @imsontosh

@mikedevita

This comment has been minimized.

mikedevita commented Sep 20, 2017

thank you everyone for chiming in on this, I realize this is a closed issue but this helped solve an auth/CORS issue I had when trying to hit a MVC .NET 4.6 WebApi app which uses "Windows Authenticaton" and I couldn't get it to work during development for two reasons (CORS and NTLM not working well with axios).

My code for the proxy middleware is this:

import proxyMiddleware from 'http-proxy-middleware'
import Agent from 'agentkeepalive'

const bundler = webpack(config)

let middleware = [
  proxyMiddleware('/api', {
    changeOrigin: true,
    target: 'http://codefest.example.gov/Team7',
    agent: new Agent({
      maxSockets: 100,
      keepAlive: true,
      maxFreeSockets: 10,
      keepAliveMsecs: 100000,
      timeout: 6000000,
      keepAliveTimeout: 90000 // free socket keepalive for 90 seconds
    }),
    onProxyRes: (proxyRes) => {
        var key = 'www-authenticate';
        proxyRes.headers[key] = proxyRes.headers[key] && proxyRes.headers[key].split(',');
    }
  })
 // ... removed for brevity
];

// ... removed for brevity

browserSync({
  port: 3000,
  ui: {
    port: 3001
  },
  open: false,
  server: {
    baseDir: 'src',
    middleware
  }
});

The ending result was webpack/browserSync serving up my ReactJs UI at http://localhost:3000/ and during dev it would hit http://localhost:3000/api/values browserSync would intercept the /api/values and proxy it to the backend WebApi at http://codefest.example.gov/Team7/api/values. This works well, thanks again for all of your inputs.

@xcjs

This comment has been minimized.

xcjs commented Dec 14, 2017

I just wanted to confirm that I'm still seeing an infinite series of pop-ups requesting authentication after trying various suggestions in this thread and ensuring that my dependencies include the fixes mentioned throughout.

I'm a little confused whether this issue is considered resolvable or not. As of now, has anyone successfully built a solution utilizing Webpack/http-proxy-middleware with NTLM authentication?

@Usman-M

This comment has been minimized.

Usman-M commented Dec 29, 2017

I still have this issue as well and have been monitoring to see if/when it gets resolved. IE11 seems to accept credentials from a single popup. No other browser does.

@mike-schenk

This comment has been minimized.

mike-schenk commented Dec 29, 2017

@xcjs , The solution from @jndietz worked for me while all the other solutions attempting to use webpack-dev-server caused me to get never ending authentication prompts in both Chrome and Firefox.

The authentication prompt still appears sometimes; it seems to be while Chrome dev tools are open and I try a full refresh. But it works pretty well.

@xcjs

This comment has been minimized.

xcjs commented Dec 30, 2017

@mike-schenk The solution from @jndietz unfortunately didn't have the same effect for me. I'm not expecting the prompt to never show, but I can't access the page due to the stream of authentication prompts.

@jndietz

This comment has been minimized.

jndietz commented Jan 19, 2018

@jalaz @xcjs Hey guys -- sorry that wasn't working for you. I will need to dive a bit deeper into it and see what exactly is going on. Currently stuck working on setting up an angular 1 application to be built with webpack so I might be able to take a look at it soon.

@jndietz

This comment has been minimized.

jndietz commented Jan 30, 2018

@jalaz @xcjs

I'm able to reproduce the issue in my project. I must not have seen that happen back when I made it.

With our Angular 1/Webpack config, we are going to be putting our UI code in with our web layer so we don't have any issues. If we weren't using Windows integrated authentication I don't suspect this would be as big of an issue. The alternative would be configuring the proxy as stated above, but then development activities would have to take place in Internet Explorer/Edge only and dealing with the username/password dialog from time to time.

The former was a better compromise for us. I still want to figure out a resolution for this :)

@bkrrrr

This comment has been minimized.

bkrrrr commented Mar 13, 2018

same here. I switched back from gulp to grunt because of this.
btw. (grunt-connect-proxy) is doing it correct.

@bkrrrr

This comment has been minimized.

bkrrrr commented Mar 14, 2018

Update for BASIC authentication:

i figured out that it is necessary to forward explizit the authorization header. In case you want to enter the password over browser buildin popup: this should work.

proxy('/sap', {
        target: 'http://' + configBuild.sap.server + ':' + configBuild.sap.port,
        changeOrigin: true,
        onProxyRes: function (proxyRes, req, res) {
            if (proxyRes.headers['authorization']){
                proxyRes.headers['authorization'] = req.headers['authorization'];
            }
        }
}

But i'm still looking for a solution in CL(Karma) environment.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment