Skip to content

Basic auth doesn't work on Registry v3 #5967

New issue
New issue
Open
Open
Basic auth doesn't work on Registry v3#5967
Assignees
carlesarnal
Labels
area/autharea/storagecomponent/registrypriority/normaltype/bugSomething isn't workingversion/3.x
Milestone
 
3.0.7
@justinaslelys

Description

@justinaslelys
justinaslelys
opened on Feb 11, 2025

Description

Malfunctioning API when using basic auth

Registry
Version: 3.0.6
Persistence type: sql

Environment

Kubernetes

Steps to Reproduce

  1. Enable OIDC with keycloak. UI and API (v2 API and ccompat v7 API) works fine.
  2. Enable basic auth along with OIDC by setting apicurio.authn.basic-client-credentials.enabled: "true"
  3. Try calling API by passing Authorization header Basic xxx containing the client_id and client_secret
    2.1. When I use bad credentials - 401 is received as expected
    2.2. When I use valids credentials - client never receives a response from Apicurio (504)
  4. Still works fine if I use Bearer token received from Keycloak while apicurio.authn.basic-client-credentials.enabled: "true" is enabled

Logs in Apicurio (example call to /apis/ccompat/v7/config, but the same behaviour experienced with /apis/registry/v2/:

2025-02+00-11 11:45:59 DEBUG [org.jboss.resteasy.core.SynchronousDispatcher] (executor-thread-11) RESTEASY002315: PathInfo: /apis/ccompat/v7/config
2025-02+00-11 11:47:00 DEBUG [org.jboss.resteasy.core.providerfactory.ResteasyProviderFactoryImpl] (executor-thread-11) MessageBodyWriter: org.jboss.resteasy.core.providerfactory.SortedKey
2025-02+00-11 11:47:00 DEBUG [org.jboss.resteasy.core.interception.jaxrs.AbstractWriterInterceptorContext] (executor-thread-11) Interceptor Context: org.jboss.resteasy.core.interception.jaxrs.ServerWriterInterceptorContext, Method : proceed
2025-02+00-11 11:47:00 DEBUG [org.jboss.resteasy.core.providerfactory.ResteasyProviderFactoryImpl] (executor-thread-11) MessageBodyWriter: org.jboss.resteasy.core.providerfactory.SortedKey
2025-02+00-11 11:47:00 DEBUG [org.jboss.resteasy.core.interception.jaxrs.AbstractWriterInterceptorContext] (executor-thread-11) Message
BodyWriter: org.jboss.resteasy.plugins.providers.jackson.ResteasyJackson2Provider
2025-02+00-11 11:47:00 DEBUG [org.jboss.resteasy.plugins.providers.jackson.ResteasyJackson2Provider] (executor-thread-11) Provider : org.jboss.resteasy.plugins.providers.jackson.ResteasyJackson2Provider, Method : writeTo
2025-02+00-11 11:47:00 DEBUG [io.undertow.servlet.spec.HttpServletResponseImpl] (executor-thread-11) UT005013: An IOException occurred: java.io.IOException: java.lang.IllegalStateException: UT000127: Response has already been sent

Worth to mention I am migrating from Apicurio v2 where this functionality worked as expected.

Activity

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

Labels

area/autharea/storagecomponent/registrypriority/normaltype/bugSomething isn't workingversion/3.x

Type

No type

Projects

Registry 3.0

  • Status

    Backlog

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions