Thanks Tim. I have been looking in Troubleshooting Guide. I have been what's going on y devtools, finding out differences in request and response heads between demo7 dspace site and my localhost testing site.
It's how you have said: authentication to backend "is lost". When I download a file from an article access to document it's allowed for anonymous users so I have no problem with user with permissions or without them. I have read installations instructions in wiki and I repeated localhost installation some times from zero but I have the same results. DEVTOOLS OUTPUT IN DEMO7 DSPACE REQUEST GET /server/api/core/bitstreams/d46aa5dc-38cf-4980-94a4-2bbc9192b373/content?authentication-token=eyJhbGciOiJIUzI1NiJ9.eyJlaWQiOiIzMzU2NDdiNi04YTUyLTRlY2ItYThjMS03ZWJhYmIxOTliZGEiLCJzZyI6W10sImF1dGhlbnRpY2F0aW9uTWV0aG9kIjoicGFzc3dvcmQiLCJleHAiOjE2NTc4ODQ1MTJ9.Q3u0u_h5pZ6foZoGO0uN8sZgJVxqDM_9IcN7ksdw31s HTTP/1.1 Host: api7.dspace.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Firefox/102.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 Accept-Language: es-ES,es;q=0.8,en-US;q=0.5,en;q=0.3 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://demo7.dspace.org/ Cookie:* DSPACE-XSRF-COOKIE=5a900961-b49d-4ce6-ba20-930eb5fa51f8* Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site Sec-Fetch-User: ?1 RESPONSE HTTP/1.1 200 200 Date: Fri, 15 Jul 2022 11:28:30 GMT Server: Apache *X-Frame-Options: SAMEORIGIN* Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers Content-Language: en ETag: "87b04f95b4d65819dd9d0ee7d6af963e" Accept-Ranges: bytes Expires: Fri, 15 Jul 2022 12:28:30 GMT Cache-Control: private,no-cache Content-Disposition: inline;filename="metadata-export138.log" X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=31536000 ; includeSubDomains X-Frame-Options: DENY Content-Type: application/octet-stream;charset=UTF-8 Content-Length: 263 Access-Control-Expose-Headers: Authorization, expires, Location, Content-Disposition, WWW-Authenticate, Set-Cookie, X-Requested-With, DSPACE-XSRF-TOKEN Keep-Alive: timeout=5, max=97 Connection: Keep-Alive DEVTOOLS OUTPUT IN LOCALHOST REQUEST GET /server73d/api/core/bitstreams/ca84230d-3719-4cff-a5c7-ac88565ccaf4/content?authentication-token=eyJhbGciOiJIUzI1NiJ9.eyJlaWQiOiIzZGU0NjA2NS1jNjBiLTQzNTMtYTdhNy1hMTVhODY3N2QyZjQiLCJzZyI6W10sImF1dGhlbnRpY2F0aW9uTWV0aG9kIjoicGFzc3dvcmQiLCJleHAiOjE2NTc4ODQzNDF9.jiElZ4EQkRtXskRh_Y195rSfgqNhZW9t18DcCg2mhGA HTTP/1.1 Host: localhost.local:8080 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Firefox/102.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 Accept-Language: es-ES,es;q=0.8,en-US;q=0.5,en;q=0.3 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://localhost.local:4000/ Cookie: *DSPACE-XSRF-COOKIE=88924c55-e638-40d7-96c3-d6fe78112683; klaro-anonymous=%7B%22authentication%22%3Atrue%2C%22preferences%22%3Atrue%2C%22acknowledgement%22%3Atrue%2C%22google-analytics%22%3Atrue%7D; _ga=GA1.2.1520468102.1657614120; CORRELATION-ID=585749b6-116f-4ba7-9d58-3c142ee3c923; dsLanguage=es; XSRF-TOKEN=88924c55-e638-40d7-96c3-d6fe78112683; dsAuthInfo={%22accessToken%22:%22eyJhbGciOiJIUzI1NiJ9.eyJlaWQiOiIzZGU0NjA2NS1jNjBiLTQzNTMtYTdhNy1hMTVhODY3N2QyZjQiLCJzZyI6W10sImF1dGhlbnRpY2F0aW9uTWV0aG9kIjoicGFzc3dvcmQiLCJleHAiOjE2NTc4ODYwMjB9.ivBPfxVET6B_HOi-xAxd7elLWmpsHkT84qjp-JV4KOw%22%2C%22expires%22:1657886020000}; klaro-3de46065-c60b-4353-a7a7-a15a8677d2f4={%22authentication%22:true%2C%22preferences%22:true%2C%22acknowledgement%22:true%2C%22google-analytics%22:true}*Upgrade-Insecure-Requests: 1 RESPONSE HTTP/1.1 401 Vary: Origin Vary: Access-Control-Request-Method Vary: Access-Control-Request-Headers Content-Language: es-ES X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: 0 *X-Frame-Options: DENY* Content-Type: text/html;charset=UTF-8 Content-Length: 316 Date: Fri, 15 Jul 2022 11:25:46 GMT Keep-Alive: timeout=20 Connection: keep-alive I've been looking for in tomcat logs but nothing important. Only 401 request. Could it be for not use a SSL in the backend? I found out more cookies sent in localhost http environment. I was considering deploying backed with https. I continue with it. Many thanks. El miércoles, 13 de julio de 2022 a las 22:19:10 UTC+2, Tim Donohue escribió: > Hi Vincente, > > A 401 error from the DSpace backend tends to mean one of two things: > > - Either you are not logged in, or your account simply doesn't have > permissions (e.g. some areas of the application are only available to > Administrators) > - Or, you have a CSRF or samesite cookie issue, where your > authentication information is being "lost" between the backend and the > frontend. However, if this is occurring, you'd usually see the same > problem on *all* pages which require authentication. > > Again I'd highly recommend looking at the Troubleshooting Guide for tips. > You may want to pay close attention to what is going on in your browser's > DevTools (the network tab) when you access the pages which return a 401. > I'd also recommend verifying you are a member of the Administrator group > and no other errors are in the dspace.log or Tomcat logs. > > If you find any other clues and need more help, let us know on this list. > > Tim > ------------------------------ > *From:* [email protected] <[email protected]> on behalf > of Vicente Zapatero Martin <[email protected]> > *Sent:* Wednesday, July 13, 2022 3:28 AM > > *To:* DSpace Technical Support <[email protected]> > *Subject:* Re: [dspace-tech] Re: Export Metadata Unauthorized 401 > > It's quite strange. I only receive this 401 error when i'm trying to > access to "processes" log and csv (metadata-import) bitstreams but when i > access to a article bitstream (pdf, docx) i can download it. > > I've been reading CSRF and CORS error but I was analyzing browser > developer tools, request and cookies. Token and samesite (Lex) cookie have > got values both. > > I don't know, I'm using a testing environment in the same domain: > > UI Front End: localhost.local:4000 > Back End: localhost.local:8080 > > Perhaps should I configure SSL for local testing environment?? > > Thanks > > El lunes, 11 de julio de 2022 a las 18:00:09 UTC+2, Tim Donohue escribió: > > Hi Vicente, > > This is just a guess, but it's possible you have some sort of > misconfiguration between the frontend & backend which is causing the > frontend to not be "trusted" by the backend. > > You should check our troubleshooting guide and see if there are any errors > in your Browser's DevTools: > https://wiki.lyrasis.org/display/DSPACE/Troubleshoot+an+error#Troubleshootanerror-DSpace7.x(orabove) > > It might be that you are hitting a CSRF token issue, or a CORS error, or > similar. If so, the solution to those are in our Common Installation > Issues listed here: > https://wiki.lyrasis.org/display/DSDOC7x/Installing+DSpace#InstallingDSpace-CommonInstallationIssues > > Good luck & if you need more help let us know on this list. > > Tim > ------------------------------ > *From:* [email protected] <[email protected]> on behalf > of Vicente Zapatero Martin <[email protected]> > *Sent:* Thursday, July 7, 2022 6:43 AM > *To:* DSpace Technical Support <[email protected]> > *Subject:* [dspace-tech] Re: Export Metadata Unauthorized 401 > > I add these screenshots.When I clicked in file I get "sprint Whitelable > Error Page". > [image: log-process.png][image: log-process-downloadbits.png] > > El miércoles, 6 de julio de 2022 a las 14:31:11 UTC+2, Vicente Zapatero > Martin escribió: > > I can't download any bitstream. Metadata csv's files, etc. In version > dspace 7.3 I have the same error. Surely I forgot any configuration. > > Any idea? > > Thanks. > > El lunes, 20 de junio de 2022 a las 14:16:21 UTC+2, Vicente Zapatero > Martin escribió: > > After export metadata from "Export\Metadata" I get Unauthorized 401 error > message when I click in csv file output. > > It's an URL like this: > > > http://localhost:4000/bitstreams/8e7eec16-76b6-4a6b-bfe4-7ef96b88bd7c/download > > This is a log example: > > 2022-06-20 13:20:01,594 DEBUG unknown unknown > org.dspace.app.rest.security.jwt.JWTTokenHandler @ Received valid token for > username: > 2022-06-20 13:20:01,594 DEBUG unknown unknown > org.dspace.app.rest.security.StatelessAuthenticationFilter @ Found > authentication data in request for EPerson > 2022-06-20 13:20:01,616 DEBUG unknown unknown > org.dspace.core.LegacyPluginServiceImpl @ Adding Sequence plugin for > interface= org.dspace.authenticate.AuthenticationMethod, > class=org.dspace.authenticate.PasswordAuthentication > 2022-06-20 13:20:01,616 INFO 9cf3d41f-12e5-4b27-ad88-8765b011ab37 > 77f2c73b-64e4-463d-8a60-9f11bacdf71b > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET /server721/api] originated from / > 2022-06-20 13:20:03,934 DEBUG unknown unknown > org.dspace.app.rest.security.jwt.JWTTokenHandler @ Received valid token for > username: > 2022-06-20 13:20:03,934 DEBUG unknown unknown > org.dspace.app.rest.security.StatelessAuthenticationFilter @ Found > authentication data in request for EPerson > 2022-06-20 13:20:03,965 DEBUG unknown unknown > org.dspace.core.LegacyPluginServiceImpl @ Adding Sequence plugin for > interface= org.dspace.authenticate.AuthenticationMethod, > class=org.dspace.authenticate.PasswordAuthentication > 2022-06-20 13:20:03,965 INFO 9cf3d41f-12e5-4b27-ad88-8765b011ab37 > 277d98eb-4ac4-4523-a7ea-a6e032d31911 > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET /server721/api] originated from / > 2022-06-20 13:20:06,020 DEBUG unknown unknown > org.dspace.app.rest.security.jwt.JWTTokenHandler @ Received valid token for > username: > 2022-06-20 13:20:06,020 DEBUG unknown unknown > org.dspace.app.rest.security.StatelessAuthenticationFilter @ Found > authentication data in request for EPerson > 2022-06-20 13:20:06,036 DEBUG unknown unknown > org.dspace.core.LegacyPluginServiceImpl @ Adding Sequence plugin for > interface= org.dspace.authenticate.AuthenticationMethod, > class=org.dspace.authenticate.PasswordAuthentication > 2022-06-20 13:20:06,036 INFO 9cf3d41f-12e5-4b27-ad88-8765b011ab37 > 7fd46ec4-4ea9-4b75-80b5-586599bbee92 > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET /server721/api/system/processes/2] originated from / > 2022-06-20 13:20:21,011 DEBUG unknown unknown > org.dspace.app.rest.security.jwt.JWTTokenHandler @ Received valid token for > username: > 2022-06-20 13:20:21,011 DEBUG unknown unknown > org.dspace.app.rest.security.StatelessAuthenticationFilter @ Found > authentication data in request for EPerson > 2022-06-20 13:20:21,026 DEBUG unknown unknown > org.dspace.core.LegacyPluginServiceImpl @ Adding Sequence plugin for > interface= org.dspace.authenticate.AuthenticationMethod, > class=org.dspace.authenticate.PasswordAuthentication > 2022-06-20 13:20:21,026 INFO 9cf3d41f-12e5-4b27-ad88-8765b011ab37 > bc9bf16d-b58c-4c69-b92e-61713b14ab50 > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET /server721/api] originated from /processes/2 > 2022-06-20 13:20:23,335 DEBUG unknown unknown > org.dspace.app.rest.security.jwt.JWTTokenHandler @ Received valid token for > username: > 2022-06-20 13:20:23,335 DEBUG unknown unknown > org.dspace.app.rest.security.StatelessAuthenticationFilter @ Found > authentication data in request for EPerson > 2022-06-20 13:20:23,357 DEBUG unknown unknown > org.dspace.core.LegacyPluginServiceImpl @ Adding Sequence plugin for > interface= org.dspace.authenticate.AuthenticationMethod, > class=org.dspace.authenticate.PasswordAuthentication > 2022-06-20 13:20:23,357 INFO 9cf3d41f-12e5-4b27-ad88-8765b011ab37 > ed348e92-17ae-4875-88a9-2ac6873751d2 > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET /server721/api] originated from /processes/2 > 2022-06-20 13:20:25,390 DEBUG unknown unknown > org.dspace.app.rest.security.jwt.JWTTokenHandler @ Received valid token for > username: > 2022-06-20 13:20:25,390 DEBUG unknown unknown > org.dspace.app.rest.security.StatelessAuthenticationFilter @ Found > authentication data in request for EPerson > 2022-06-20 13:20:25,405 DEBUG unknown unknown > org.dspace.app.rest.security.jwt.JWTTokenHandler @ Received valid token for > username: > 2022-06-20 13:20:25,405 DEBUG unknown unknown > org.dspace.app.rest.security.StatelessAuthenticationFilter @ Found > authentication data in request for EPerson > 2022-06-20 13:20:25,421 DEBUG unknown unknown > org.dspace.core.LegacyPluginServiceImpl @ Adding Sequence plugin for > interface= org.dspace.authenticate.AuthenticationMethod, > class=org.dspace.authenticate.PasswordAuthentication > 2022-06-20 13:20:25,421 DEBUG unknown unknown > org.dspace.core.LegacyPluginServiceImpl @ Adding Sequence plugin for > interface= org.dspace.authenticate.AuthenticationMethod, > class=org.dspace.authenticate.PasswordAuthentication > 2022-06-20 13:20:25,421 INFO 9cf3d41f-12e5-4b27-ad88-8765b011ab37 > 705a17c7-31c8-4661-835c-950d9b3abf32 > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET > /server721/api/core/bitstreams/be3264c9-1263-401e-ad30-2b2f0a2180e2/bundle] > originated from /processes/2 > 2022-06-20 13:20:25,421 INFO 9cf3d41f-12e5-4b27-ad88-8765b011ab37 > 9c5bcc7e-e978-453c-a888-8e91c2d125e2 > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET > /server721/api/core/bitstreams/be3264c9-1263-401e-ad30-2b2f0a2180e2/format] > originated from /processes/2 > 2022-06-20 13:20:25,437 DEBUG 9cf3d41f-12e5-4b27-ad88-8765b011ab37 > 9c5bcc7e-e978-453c-a888-8e91c2d125e2 > org.dspace.content.BitstreamServiceImpl @ > ::find_bitstream:bitstream_id=be3264c9-1263-401e-ad30-2b2f0a2180e2 > 2022-06-20 13:20:25,437 DEBUG 9cf3d41f-12e5-4b27-ad88-8765b011ab37 > 705a17c7-31c8-4661-835c-950d9b3abf32 > org.dspace.content.BitstreamServiceImpl @ > ::find_bitstream:bitstream_id=be3264c9-1263-401e-ad30-2b2f0a2180e2 > 2022-06-20 13:20:25,513 DEBUG unknown unknown > org.dspace.app.rest.security.jwt.JWTTokenHandler @ Received valid token for > username: > 2022-06-20 13:20:25,513 DEBUG unknown unknown > org.dspace.app.rest.security.StatelessAuthenticationFilter @ Found > authentication data in request for EPerson > 2022-06-20 13:20:25,513 DEBUG unknown unknown > org.dspace.core.LegacyPluginServiceImpl @ Adding Sequence plugin for > interface= org.dspace.authenticate.AuthenticationMethod, > class=org.dspace.authenticate.PasswordAuthentication > 2022-06-20 13:20:25,513 INFO 9cf3d41f-12e5-4b27-ad88-8765b011ab37 > 26b514ab-1485-4479-9d1d-98bcbb0330d1 > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [POST /server721/api/authn/shortlivedtokens] originated from > /bitstreams/be3264c9-1263-401e-ad30-2b2f0a2180e2/download > 2022-06-20 13:20:25,513 DEBUG 9cf3d41f-12e5-4b27-ad88-8765b011ab37 > 26b514ab-1485-4479-9d1d-98bcbb0330d1 > org.dspace.core.LegacyPluginServiceImpl @ Adding Sequence plugin for > interface= org.dspace.authenticate.AuthenticationMethod, > class=org.dspace.authenticate.PasswordAuthentication > 2022-06-20 13:20:25,513 DEBUG 9cf3d41f-12e5-4b27-ad88-8765b011ab37 > 26b514ab-1485-4479-9d1d-98bcbb0330d1 org.dspace.core.Context @ Cache size > on commit is 22 > 2022-06-20 13:20:27,549 WARN unknown unknown > org.dspace.app.rest.security.jwt.JWTTokenHandler @ 127.0.0.1 tried to use > an expired or non-valid token > 2022-06-20 13:20:27,549 DEBUG unknown unknown > org.dspace.core.LegacyPluginServiceImpl @ Adding Sequence plugin for > interface= org.dspace.authenticate.AuthenticationMethod, > class=org.dspace.authenticate.PasswordAuthentication > 2022-06-20 13:20:27,549 INFO unknown e8f70cdc-d0fd-4645-852a-1428fcb09857 > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET > /server721/api/core/bitstreams/be3264c9-1263-401e-ad30-2b2f0a2180e2/content] > originated from http://localhost:4000/ > 2022-06-20 13:20:27,564 DEBUG unknown e8f70cdc-d0fd-4645-852a-1428fcb09857 > org.dspace.content.BitstreamServiceImpl @ > anonymous::find_bitstream:bitstream_id=be3264c9-1263-401e-ad30-2b2f0a2180e2 > 2022-06-20 13:20:27,564 WARN unknown e8f70cdc-d0fd-4645-852a-1428fcb09857 > org.dspace.app.rest.exception.DSpaceApiExceptionControllerAdvice @ > Authentication is required (status:401) > > Thanks > > -- > All messages to this mailing list should adhere to the Code of Conduct: > https://www.lyrasis.org/about/Pages/Code-of-Conduct.aspx > --- > You received this message because you are subscribed to the Google Groups > "DSpace Technical Support" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/dspace-tech/a3108dcf-637e-4286-9515-866fcea2450an%40googlegroups.com > > <https://groups.google.com/d/msgid/dspace-tech/a3108dcf-637e-4286-9515-866fcea2450an%40googlegroups.com?utm_medium=email&utm_source=footer> > . > > -- > All messages to this mailing list should adhere to the Code of Conduct: > https://www.lyrasis.org/about/Pages/Code-of-Conduct.aspx > --- > You received this message because you are subscribed to the Google Groups > "DSpace Technical Support" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/dspace-tech/2a41fa79-71c3-4a39-a5d2-e5a67e09e9a0n%40googlegroups.com > > <https://groups.google.com/d/msgid/dspace-tech/2a41fa79-71c3-4a39-a5d2-e5a67e09e9a0n%40googlegroups.com?utm_medium=email&utm_source=footer> > . > -- All messages to this mailing list should adhere to the Code of Conduct: https://www.lyrasis.org/about/Pages/Code-of-Conduct.aspx --- You received this message because you are subscribed to the Google Groups "DSpace Technical Support" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/dspace-tech/e1004bf7-b594-4076-9a13-381d2f48b3c3n%40googlegroups.com.
