Caddy basicauth mobile login prompt loop

rcg · June 10, 2022, 6:25am

1. Caddy version (`caddy version`):

docker latest v2 alpine Docker Hub

2. How I run Caddy:

a. System environment:

OS:

Distributor ID: Ubuntu
Description:    Ubuntu 20.04.4 LTS
Release:        20.04
Codename:       focal

docker version:

Client: Docker Engine - Community
 Version:           20.10.14
 API version:       1.41
 Go version:        go1.16.15
 Git commit:        a224086
 Built:             Thu Mar 24 01:48:02 2022
 OS/Arch:           linux/amd64
 Context:           default
 Experimental:      true

Server: Docker Engine - Community
 Engine:
  Version:          20.10.14
  API version:      1.41 (minimum version 1.12)
  Go version:       go1.16.15
  Git commit:       87a90dc
  Built:            Thu Mar 24 01:45:53 2022
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.5.11
  GitCommit:        3df54a852345ae127d1fa3092b95168e4a88e2f8
 runc:
  Version:          1.0.3
  GitCommit:        v1.0.3-0-gf46b6ba
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

b. Command:

see next section for docker command

c. Service/unit/compose file:

docker run -d --name caddy -v /etc/Caddyfile:/etc/caddy/Caddyfile -v /etc/caddy:/root/.local/share/caddy --net host --restart on-failure caddy/caddy:alpine

d. My complete Caddyfile or JSON config:

subdomain.personaldomain.net {
  encode gzip

  reverse_proxy 127.0.0.1:9998
  basicauth {
    username bcrypt_base64_encoded_pass
    }
}

3. The problem I’m having:

I’m having an issue with the basicauth to my internal service. For some reason there is a login prompt loop that occurs.

tested on: on mobile (haven’t seemed to experience the issue on PC) iPhone chrome browser and safari tested. Latest app versions and iOS. On chrome and safari, it log me in to my service but then when I click around on the website, it prompts me to login again, however I can hit cancel or I can enter the login username/pass and gain access again.

4. Error messages and/or full log output:

no errors in the logs.

5. What I already tried:

I’ve tried searching google, which the auto fill shows that people are searching for this same problem - but no relevant forum posts show up in the results.

I tried looking at caddy logs but literally nothing shows up there.

I think I’m setting up the basicauth correctly based on various examples I’ve found.

6. Links to relevant resources:

emilylange · June 10, 2022, 6:57am

Hi

Has the internal service you are proxying to its own login form?
Perhaps the internal service is interfering with the basic auth’s Authorization header

But that wouldn’t explain why you don’t seem to experience the issue on PC.
Is your internal service some public software, so you can share its name/link, or is it something private?

rcg · June 10, 2022, 7:57am

The internal service has its own auth built in which I am not utilizing and have never enabled. I didn’t enable it due to the fact that I considered just using caddy’s basicauth.

It’s a custom private service that our engineers wrote. If there’s something specific you’d like me to ask them details on I can find out.

rcg · June 11, 2022, 6:02am

I disabled caddy basic auth and reverted to setting up the internal apps built in auth. It works but I was hoping to just be able to quickly utilize caddy’s basicauth.

emilylange · June 11, 2022, 8:40am

I hadn’t much spare time yesterday, but glad to hear you found a solution that works for you

Though I had lowkey hoped that it was just some open source service or so where I could just skim through the source code

It could have been a side effect of the framework/tech stack used and whatnot.
So it would have been a full questionary for your engineers

PS: I went ahead and marked your latest post as solution . Unless you want to replace the services’ auth with basicauth again

francislavoie · June 11, 2022, 2:47pm

Try testing auth with curl -v to see what HTTP headers you’re getting back when auth is incorrect, and when auth is correct.

rcg · June 11, 2022, 7:20pm

I spent too much time setting up the apps internal auth and don’t want to spend more time to mess around with the caddy auth now that the other one is setup. If I try caddy auth with other services and have the issue I’ll post another post but i’ll remember to try this first thanks.

system · July 10, 2022, 6:25am

This topic was automatically closed after 30 days. New replies are no longer allowed.