You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@apisix.apache.org by GitBox <gi...@apache.org> on 2022/08/16 11:18:15 UTC

[GitHub] [apisix] kingluo commented on issue #7608: authz-casdoor redirect :503 Service Temporarily Unavailable

kingluo commented on issue #7608:
URL: https://github.com/apache/apisix/issues/7608#issuecomment-1216497366

   @tzssangglass The session is not tranfered to casdoor server. It's restored from cookie sent by the browser.
   
   ```lua
      -- session here either comes from cookie or new generated
       local session_obj_read, session_present = session.open()
       ...
       if current_uri == real_callback_url then
           -- if session_present is false, then means browser doesn't send any cookie
           if not session_present then
               err = "no session found"
               core.log.error(err)
               return 503
           end
   ```
   
   @xwc1125 Let me explain why you failed with 503 and 504.
   
   You `callback_url` uses the domain name `10.78.44.46` which is different from the one you access apisix from the browser. Before apisix redirects the browser to casdoor server, it generates a cookie for `127.0.0.1`, but then, after you success to get authenticated by casdoor server and redirects the browser to the callback addr `10.78.44.46`, the browser doesn't send any cookie to it, because the domains are different.
   
   But when you turns to access apisix via `10.78.44.46`, the whole authentication flow works (and no need to re-enter username and password in casdoor in this case, because you already login casdoor), and the upstream is accessed, but timed out. The timeout reason is pending to be found. Maybe it's network issue, you could retry.
   
   So ensure the domain in `callback_url` is the same one you access apisix in your browser.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org