I have had OH behind OPNsense firewall’s HAproxy for years. Now that I updated to OH3 I can’t get the login to work. It just lloops me in credentials popup dialog. Nothing in OH logs, but firefox has this for each auth try:
Initializing state tracking store proxy app.js:37:1835 Uncaught (in promise) undefined Uncaught (in promise) undefined Using passed credentials app.js:7:121713 Uncaught (in promise) undefined app.js:32:436561 loadData https://o.mydomain.com/js/app.js:32 Uncaught (in promise) undefined Uncaught (in promise) undefined
I asked this in this thread: OH3 with NGINX Reverse Proxy and Authentication - #57 by ikkeT, but I open a separate topic as that’s not exactly HAproxy thread.
You can see from there I did the same as @rikoshak did with pfsense, which likely is pretty much the same implementation of haproxy. But for me it won’t work:
http-request add-header Set-Cookie XOPENHAB-AUTH-HEADER=1;path=/;Secure http-request del-header Authorization
These settings are from /usr/local/etc/haproxy.conf so it’s easier than describing the gui. So as discussed in the thread, I add the options for the cookie, and drop the Authorization -header.
I have screenshots from the cookie in the other thread here: OH3 with NGINX Reverse Proxy and Authentication - #59 by ikkeT
Any idea what goes wrong there in auth dialog? HAproxy does basic-auth first, I want there to be the point of https termination and authorization to get to any of my home things. Then I’d like the openhab to authenticate for the admin user. But that fails now.
OpenHAB itself is running on Fedora-IoT Linux within podman container, which works fine from local network over http, including the auth when using it from local net bypassing the haproxy.