For some reason, possibly by some modules install/remove (“applications”…) I lost single sign on the new GUI. The browser pop-ups a browser based requester to enter credentials and if I enter them, it takes me to proper Cockpit login screen (asking for login in the bottom left of the window).
No proxy.
Actually my NS is still in a test virtual machine, so the host communicating with it, is not even part of the test domain, nor using NS as gateway. Could this be the problem?
They are on the same IP subnet.
(the VM uses my real gateway and DNS)
That IP subnet is already in the trusted networks (not by me, it was added during setup).
I don’t think this is related to the web page asking twice for login (once using browser’s own dialog box and once by NS own login page).
Chrome.
But now that you asked, I tried also Edge (note that I never visited that address with Edge before).
Same thing.
BUT discovered something else (by mistake, like all great discoveries)…
Actually entering WHATEVER for user or pass, on first pop-up (browser’s own dialog box), it just proceeds (nothing fails), to NS own login page.
So the first credential request, actually has no verification done.
Same here, fresh installation with Local AD domain, Webtop and Nextcloud.
It happened on a NG 7.6 too.
Edit:
Same thing happens in Nextcloud when you are logged as System Admin:
Log in as “System Admin” -> Click on your Avatar at the Top-Right corner then click on “Settings” -> Click on “Overview” under “Administration” on the left column -> Browser popup appears asking credentials
I noticed something.
The first dud login pop-up happens when the login page tries to query the name of the server.
Maybe this calls some unneeded security (that get ignored anyway, as a simple enter works).
After I press enter the name of the server shows up and the normal login shows up.
With self-signed certificate, on Windows 7 + Chrome 77 (and older), every time I open the browse and visit cockpit page a popup asks for user/password. When closing the popup without giving credentials (cancel) the browser console shows:
:9090/cockpit/login:1 Failed to load resource: the server responded with a status of 401 (Authentication required)
(index):410 GET https://FQDN:9090/cockpit/login 401(Authentication required)
C @ (index):410 // code line has: e.send();
e @ (index):389
load (async)
(anonymous) @ (index):772
(anonymous) @ (index):773
Same procedure but giving credentials:
(index):410 GET https://FQDN:9090/cockpit/login 401 (Authentication failed)
C @ (index):410
e @ (index):389
load (async)
(anonymous) @ (index):772
(anonymous) @ (index):773
and with an older version of Chrome:
:9090/cockpit/login:1 Failed to load resource: the server responded with a status of 401 (Invalid conversation token)
Browser request headers show: Sec-Fetch-Mode: cors
On Windows 7 + Firefox 69, no popup but same 401 error on console.
GNU/Linux+chromium 77 (and Firefox): no popup but 401 error on console:
(index):1 [DOM] Password field is not contained in a form: (More info: Create Amazing Password Forms) <input type="password" class="form-control" id="conversation-input">
(index):1 [DOM] Password field is not contained in a form: (More info: Create Amazing Password Forms) <input type="password" class="form-control" id="login-password-input">
(index):257 GET https://IP:9090/cockpit/login 401 (Authentication required)
C @ (index):257 // code line has: e.send();
e @ (index):236 // cole line has: C();
load (async)
(anonymous) @ (index):619 // code line has: window.onload = e;
(anonymous) @ (index):620 // code line has: })(window.console);
(index):257 XHR failed loading: GET “https://IP:9090/cockpit/login”.
C @ (index):257
e @ (index):236
load (async)
(anonymous) @ (index):619
(anonymous) @ (index):620
I don’t know if 401 is expected before login:
Here are older but similar error descriptions (chrome related):