-
Notifications
You must be signed in to change notification settings - Fork 2.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
okta - unable to renew the session. The session store may not support this feature #7221
Comments
it seems something wrong with this pr #7011 |
After cookies clearing works fine. |
Cookie clear makes it work, but it reappears once the session expired. |
Same here, It also reappears when I logout from GUI. Edit: Im not using Okta, but Keycloak. It will be generic problem with OIDC session caching. |
Could it be fixed by #7088?? Can anyone try upgrading to |
I update to v0.10.0 - seems it is fixed. |
Same here, but I'm on v0.10.0. After the session expires, or if I click on logout, I'll get a 502 if I try to open Datahub again. |
It is not fixed. As @caiopavanelli mentioned if I logout, I get the bad gateway. |
One thing I noticed is that once I get the 502 when trying to access the frontend, the debug log in the frontend service prints the following line. If I keep refreshing the page these lines repeat as well.
If I navigate to that link in the browser, I get an error from my OIDC Provider (Okta). However, the following lines are printed to the debug log.
After that, the |
Is there any update on this. Will the fix make a release? |
What error are you seeing exactly when you navigate to Okta? Trying to understand what could be happening here. Also, I see that the screenshots above are showing 502 from NGINX.. Is everyone using some reverse proxy in front of datahub-frontend? |
My guess is that this has to do with how this redirect is interacting with Nginx reverse proxy sitting in front of it. Because without that, we've not seen any issues here |
Unsure whether something like this may be related -. https://serverfault.com/questions/1019510/nginx-is-not-redirecting-302-redirect-response-to-https |
when the session cookie is expired, the UI tries to hit
If I enable TRACE logs for |
This issue is stale because it has been open for 30 days with no activity. If you believe this is still an issue on the latest DataHub release please leave a comment with the version that you tested it with. If this is a question/discussion please head to https://slack.datahubproject.io. For feature requests please use https://feature-requests.datahubproject.io |
Still having this issue with v0.10.0 |
I have the same issue with OIDC keycloak auth with 502 Bad gateway and |
We also had the same issue in our installation of datahub. The 502 is returned by the ingress in kubernetes (GCP) when the response header size is large due to the FoundAction being passed in the returned_url of the PLAY_SESSION cookie.
|
This fixed my issue as well! Thank you! |
Awesome, thanks you a lot @mkamalas ! |
This issue is stale because it has been open for 30 days with no activity. If you believe this is still an issue on the latest DataHub release please leave a comment with the version that you tested it with. If this is a question/discussion please head to https://slack.datahubproject.io. For feature requests please use https://feature-requests.datahubproject.io |
This issue was closed because it has been inactive for 30 days since being marked as stale. |
Describe the bug
I use v0.9.6.1, and for sso I use okta. I get bad gateway error, it only works if I cleanup the cookie or open datahub in incognito.
To Reproduce
Steps to reproduce the behavior:
3. And in the datahub-frontend pod, I see the following error 'Unable to renew the session. The session store may not support this feature'
The text was updated successfully, but these errors were encountered: