[OH3] Authentication and multiuser issue

I try to use the Rest API and for this I require authentication.
None of the already documented tips seem to work.

  • Basic user authentication is enabled, with the admin user as test, I receive always http error ‘401’. Also, the browser always places a warning the there is no authentication is required. Even without user:password@ I receive ‘401’

  • Tried to establish an API token with the same result of ‘401’

  • created a second user for the user group ‘user’ with karaf. Well this results in the effect that none of my pages and widgets configured is showing any value of status anymore. Even a login with the admin user does not solve the issue.

Nothing in the GUI is populated anymore. Even after deleting the second user, I have no data available, no charts - nothing.
Anyone, any idea to get two items fixed,

  1. Authentication

  2. Getting back the widgets to life

  • do you use your browser to locally access openhab ?
  • is there a (reverse-) proxy like nginx ( that require additional authentication ) in between your browser and your openhab ?
  • did you try to use shift reload resp. did you try to clear the browsers cache ( this bullet is like have you tried to restart your windows system :slight_smile: )

All within the same sImple home network, and tried from the server itself with the same effect.

Nothing like a proxy installed, not nginx, no apache or any other fancy network stuff.

Yes, reloaded the page, cleared cache of the browser on my Mac (no Windows :wink:), restarted OH3 several times - no changes.

The interesting is, everything works like supposed. There is no miss of rule functionality. If I browse through the items, all values appear like supposed.

(still left overs from the OH2 -> OH3 migration to see in the item labels)

I miss a clue why the system behaves like this after I added and removed a non admin user, and why authentication is not working in any described ways.

Issue opened against this behavior.

1 Like

This issue seems to be related to authentication.
Setting the options to ‘Implicit user role for unauthenticated requests’ on ‘ON’.
Does not make sense to me, but works now.