Basic auth is not sent to registry with different domain #284
Comments
|
I also experienced this behaviour today and hence decided to deploy this on the same domain, but this has its own issues unfortunately. |
|
Hi, thank you for using my project and submitting issues 😄 Is your issue linked to this question from the FAQ ?
If this is the case, and as I said in almost all linked issues, this is a docker registry issue and it's not a part of my project. You may override the OPTION response from your registry (via your reverse proxy) and return a status code 200 instead of 401. |
|
Hi @MrNocTV I also experience kind of the same behavior. I solved this by setting up my proxy to serve all registry requests on the same domain. For example:
So finally Safari and Firefox are working nicely now, but I have issues with Chrome and need to re-authenticate on every click. Maybe the description in #303 would help you? How is your authentication setup in registry? via token or htpasswd? |
|
@alexanderwolz |
|
Hi @MrNocTV I have also started a side project for one of my customers using Angular and Bootstrap. It reduces HTTP traffic by caching tokens and tags. I recently published it as open source at https://github.com/alexanderwolz/registry-angular-ui (see also the images at Docker Hub) You are welcome to check it out. |
|
Hi @MrNocTV and @alexanderwolz , I'm sad to see you go to different projects. @alexanderwolz I've checked your project, it's a nice one and thank you for the credit 😄 Are you not afraid of the security breaches that storing passwords in local storage can cause? I had also thought about it but I found that the risk was too great. 🤔 |
|
Hi @Joxit It was a requirement to have a login screen and I also thought about it for a long time. I ended up saving the credentials base64 encoded with a valid period of 2h in a Token object that is encrypted with CryptoJS AES encryption and put in the local storage. At least this approach works fine on all browsers whereas the Basic Auth approach does not work on Chrome (see #303 ) for my client's configuration. Basic auth struggles with 301 redirects on certain browsers. |
|
Okay I see, you are encoding the basic auth in your fronted with a secret. Good choice ^^ Yeah I did respond to your #303 issue, since I didn't succeed to reproduce your bug I wanted you to host an example but I didn't get a response and well... You preferred to create your own project instead. Since the original issue here didn't get a response too and choose another project, I will close it. |
Hi, I use this docker registry UI and I have an issue...
Bug description
I use
registry.comdomain for the backendregistry:2andregistry-ui.comfor thedocker-registry-ui.After login on browser (browser shows a simple username/password form, it is closed after I successfully login with the
registry:2.But after that, requests to
registry-ui.comget 401, I check the request headers, there is no fields regarding authorization or authentication.Expected behavior
I think even though the domain is different, it should work because I have specified the registry url in the config file.
The text was updated successfully, but these errors were encountered: