New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
trouble diagnosing persona issues #36
Comments
I haven't seen this error so we are in new territory, at least for me. The red list item is the crude way the client software reports unexpected server errors. This is consistent with the unexpected 401 from the server. There has been some debug output left in the server. That must be the json you are seeing from it. I'm guessing that crucial information (owner, email) was somehow blocked before this message. I'm heading for a plane or I'd hop into an editor and find where this gets printed. @paul90 is pretty familiar with this code so I mention him here hoping he will make a suggestion. |
I think what's happening is that
I tried fooling the code into thinking url is "", so that it would use the host header from the request, but ... defeated at every turn. There doesn't seem to be a way to set it to "", if the port isn't 80, or something. I'm not sure that's the safest thing to do anyway. I think the "fix" for me is to pass the valid URL.in the configuration. But I think it would be useful to dump the persona request (don't need the assertion, but audience would be nice) along with the persona response, upon failure. |
The "fix" sounds like a good next step. Let us know how it works. Keep notes on what you have to do so we can accumulate How-Tos for various services. |
The Might be worth looking at wiki-openshift-quickstart for an example of a OpenShift solution, using the platform's environment variables to construct a configuration file. An issue is that if the server is accessible by both http and https, persona will only work with one of them - as the With the server running in the cloud, it the server will not be able to set the correct values itself as it will only see the internal address/port - and not the external exposure. Note: if the wiki is accessible via both http and https, only one route will currently be able to used to login - whichever is hard-wired into the |
Right. For clouds that give you both an http:// and https:// routing, for the same app, you can only pick one to use that persona will work with. Which is a little unfortunate, but it's also a bit weird that clouds expose both, and don't always give you an option to route one to the other (eg, expose both http: and https:, but forward all http: traffic to the https: side). One way that we could support both, would be to swizzle the protocol in the passed-in url config from ... hmmm ... the referer header? blech. Would likely work. Or making use of X-forwarded-for, or something. Probably not worth the effort, as the calculation of the url gets more complicated. Some write-up on this, in the readme? might be appropriate. |
I'm wondering - one possibility would be to re-try the other protocol, Though using X-forwarded-proto to guide whether to use http or https
|
I have gotten Persona working with wiki running port 3000 and NGINX reverse proxying via 80. The trick is that you MUST STATE BOTH 1) the port and 2) the intended URL in your startup params:
Missing either of those params makes login fail. |
Hmm, I think I tricked it into working, but it is not working any more. I have reverted to only logging in when going in on port 3000. With that in mind, I need to start the server as follows:
And only log in via port 3000 |
I have two wiki farms running. First one is started as an upstart service
The
My public wikifarm at `.wiki.allmende.io uses the following nginx config
I believe it makes sense to rely on the npm Persona does not work for TLS + HTTP basic auth secured wikis, as the callback cannot pass the authentication. But local wikis, DNSed in my private router, or just by I will update this thread with the respective systemd, farm and nginx config. |
I think I figured out what's going on here. It's not the reverse proxy. I'm using pm2 (similar to upstart) to keep the process alive, but the command line arguments are not passing through. Everything works fine when I manually go in the command line and start it as such:
Then, I can use persona just fine through NGINX. So, I need to figure out how to start the wiki using a "config file" rather than command line args. Are there any instructions on how to do this? Do I make some sort of config.js file and put it somewhere? |
Server options are described in the ReadMe. A config file might look like this:
|
Cool. I figured out that if I have a config file for pm2, I can do {
"apps" : [{
"name" : "wiki",
"script" : "/usr/lib/node_modules/wiki/index.js",
"args" : ["-p", "3000", "-u", "http://wiki.theoutpost.io"],
}]
} Doing this resolves my issue. Now my question is: How do I get in neighborhoods so my wiki can be discovered by your wikis? Sorry, I've been out of the loop for a while... PS: The wiki config file route still requires a parameter of |
With pm2 you need to pass the parameters to your application slightly differently, the following example is from the PM2 advanced readme:
Any parameters after the |
@paul90 is right here, because it also allows you to pass custom parameters to
A while ago another process manager for Node appeared on the scene, which seems pretty interesting to discover https://github.com/tableflip/boss |
I'm running a server, but not able to get the persona login to work. I can't get anything other than failure while logging in.
I've used persona on other sites, so I know my "basic" persona skillz are ok - none-the-less, this is most probably an error on my part. Or is some configuration required which isn't I didn't notice in the docs?
Anyhoo, before I dive in, I'll just note that there aren't really any good diagnostics for this particular failure. Here are the symptoms:
Error on /persona_login: FAIL
in redFAIL
.The text was updated successfully, but these errors were encountered: