kubernetes入口前的oauth_proxy显示错误403
[英]oauth_proxy in front of kubernetes ingress showing error 403
问题描述
I am trying to secure my application exposed as LB using oauth2_proxy, I have created 2 ingress resources as required one for running the oauth2_proxy and another for accessing my application which is to be secured through authentication. 
我正在尝试使用oauth2_proxy保护作为LB公开的应用程序,我根据需要创建了2个入口资源,一个用于运行oauth2_proxy,另一个用于访问要通过身份验证保护的应用程序。 Refer link [ https://github.com/kubernetes/ingress-nginx/tree/master/docs/examples/auth/oauth-external-auth] . 请参阅链接[ https://github.com/kubernetes/ingress-nginx/tree/master/docs/examples/auth/oauth-external-auth] 。 I have followed the exact process as mentioned in this link. 我已按照此链接中所述的确切过程进行操作。
When I hit my FQDN or Domain Name in browser it asks for authentication and upon successful authentication I get error 当我在浏览器中点击我的FQDN或域名时,它要求进行身份验证,成功身份验证后,我会收到错误消息
2019/07/25 14:09:56 oauthproxy.go:830: 10.244.2.76:36094 ("10.240.0.5") Cookie "_oauth2_proxy" not present
2019/07/25 14:09:57 oauthproxy.go:788: 10.244.2.76:36088 ("10.240.0.5") Permission Denied: "" is unauthorized
2019/07/25 14:09:57 oauthproxy.go:532: ErrorPage 403 Permission Denied Invalid Account
I expect to successfully redirected to my application service as authentication is successful. 由于身份验证成功,我希望成功重定向到我的应用程序服务。 How can I achieve this? 我该如何实现?
1 个解决方案
解决方案1
2 已采纳 2019-07-26 09:32:12
It seems from the log that you are able to use the github application for authentication, but the error that "_oauth2_proxy" is not present usually occurs when the application type is not an "oauth" proxy. 从日志看来,您可以使用github应用程序进行身份验证,但是当应用程序类型不是“ oauth”代理时,通常会出现“ _oauth2_proxy”不存在的错误。
Please check if the application that you have created is an oauth application or not just to be sure. 请检查您创建的应用程序是否是oauth应用程序,或者只是为了确定。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.