Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Redirect to HTTPS not working when GlobalExtAuth is set #6659

Open
SamMHD opened this issue Sep 8, 2024 · 1 comment · May be fixed by #6661
Open

Redirect to HTTPS not working when GlobalExtAuth is set #6659

SamMHD opened this issue Sep 8, 2024 · 1 comment · May be fixed by #6661
Labels
kind/bug Categorizes issue or PR as related to a bug. lifecycle/needs-triage Indicates that an issue needs to be triaged by a project contributor. lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale.

Comments

@SamMHD
Copy link
Contributor

SamMHD commented Sep 8, 2024

What steps did you take and what happened:

  • Set GlobalExtAuth
  • Set AuthPolicy.disabled on some route
  • Set PermitInsecure to false on that route
  • Send a Plain HTTP request to that route.

** Even AuthContext won't be set on route in this case**

What did you expect to happen:
what I expect is that Envoy redirect me to HTTPS but it won't because globalExtAuth is set (even though it is disabled on route)
@SamMHD SamMHD added kind/bug Categorizes issue or PR as related to a bug. lifecycle/needs-triage Indicates that an issue needs to be triaged by a project contributor. labels Sep 8, 2024
@SamMHD SamMHD mentioned this issue Sep 8, 2024
Closed
SamMHD added a commit to SamMHD/contour that referenced this issue Sep 8, 2024
@SamMHD
fix projectcontour#6617 and projectcontour#6659
b0d8e7a 
Changes:
- use dagRoute's AuthContext and AuthDisabled in HTTPS-Upgrade to fix 6659
- Use globalExtAuth.AuthPolicy.Disabled to calculate dagRoute.AuthDisabled
- Fix Tests

Signed-off-by: Saman Mahdanian <[email protected]>
@SamMHD SamMHD linked a pull request Sep 8, 2024 that will close this issue
Open
@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 9, 2024

The Contour project currently lacks enough contributors to adequately respond to all Issues.

This bot triages Issues according to the following rules:

  • After 60d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, the Issue is closed

You can:

  • Mark this Issue as fresh by commenting
  • Close this Issue
  • Offer to help out with triage

Please send feedback to the #contour channel in the Kubernetes Slack

@github-actions github-actions bot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Nov 9, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/bug Categorizes issue or PR as related to a bug. lifecycle/needs-triage Indicates that an issue needs to be triaged by a project contributor. lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix #6617 and #6659 SamMHD/contour
Fix GlobalExtAuth.AuthPolicy.Disabled SamMHD/contour
1 participant
@SamMHD