Hi,

As per the current behaviour, pgAdmin only considers the *REMOTE_USER* *environment* variable (set by the webserver).
We have just introduced the *WEBSERVER_REMOTE_USER* config variable (which will consider environment as well as headers), so users can modify it as per their environment. So, in your case, if you set WEBSERVER_REMOTE_USER = 'REMOTE_USER' or any header variable, it will work. This fix will be available in an upcoming release.

Also, you can log the ticket for the multiple redirect issue @ https://redmine.postgresql.org/projects/pgadmin4.

Thanks,
Khushboo

On Wed, Nov 10, 2021 at 2:02 PM Konrad Mattheis <konrad.matth...@vizlib.com> wrote:

> Hi,
>
> I have an issue to get the new webserver auth working. My use case is
> a little bit more complex but I tried to break it down
> so that can be easily debugged from your side:
>
> I just start the dpage/pgadmin4 as docker image, with a changed
> authsource. See:
>
> docker run -p 4444:80 \
>   -e 'PGADMIN_DEFAULT_EMAIL=u...@domain.com' \
>   -e 'PGADMIN_DEFAULT_PASSWORD=SuperSecret' \
>   -e 'PGADMIN_CONFIG_CONSOLE_LOG_LEVEL=10' \
>   -e 'PGADMIN_CONFIG_AUTHENTICATION_SOURCES=["webserver"]' \
>   dpage/pgadmin4
>
> Now I try to make a request with my local chrome and an installed
> header extension so that I can manipulate the request headers.
> I'm injecting the header: REMOTE_USER=t...@hallo.de
>
> I get multiple redirects until the browser stops the loop.
>
> **** LOG ************
>
> 2021-11-10 08:08:22,043: DEBUG pgadmin: Authentication initiated via source: webserver
> ::ffff:172.17.0.1 - - [10/Nov/2021:08:08:22 +0000] "GET / HTTP/1.1" 302 209 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
> 2021-11-10 08:08:22,052: DEBUG pgadmin: Authentication initiated via source: webserver
> ::ffff:172.17.0.1 - - [10/Nov/2021:08:08:22 +0000] "GET / HTTP/1.1" 302 209 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
>
> **** HAR ** one request
>
> {
>   "_initiator": {
>     "type": "other"
>   },
>   "_priority": "VeryHigh",
>   "_resourceType": "document",
>   "cache": {},
>   "connection": "318993",
>   "request": {
>     "method": "GET",
>     "url": "http://localhost:4444/",
>     "httpVersion": "HTTP/1.1",
>     "headers": [
>       {
>         "name": "Host",
>         "value": "localhost:4444"
>       },
>       {
>         "name": "Connection",
>         "value": "keep-alive"
>       },
>       {
>         "name": "Pragma",
>         "value": "no-cache"
>       },
>       {
>         "name": "Cache-Control",
>         "value": "no-cache"
>       },
>       {
>         "name": "sec-ch-ua",
>         "value": "\"Google Chrome\";v=\"95\", \"Chromium\";v=\"95\", \";Not A Brand\";v=\"99\""
>       },
>       {
>         "name": "sec-ch-ua-mobile",
>         "value": "?0"
>       },
>       {
>         "name": "sec-ch-ua-platform",
>         "value": "\"macOS\""
>       },
>       {
>         "name": "Upgrade-Insecure-Requests",
>         "value": "1"
>       },
>       {
>         "name": "User-Agent",
>         "value": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
>       },
>       {
>         "name": "Accept",
>         "value": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9"
>       },
>       {
>         "name": "Sec-Fetch-Site",
>         "value": "none"
>       },
>       {
>         "name": "Sec-Fetch-Mode",
>         "value": "navigate"
>       },
>       {
>         "name": "Sec-Fetch-User",
>         "value": "?1"
>       },
>       {
>         "name": "Sec-Fetch-Dest",
>         "value": "document"
>       },
>       {
>         "name": "Accept-Encoding",
>         "value": "gzip, deflate, br"
>       },
>       {
>         "name": "Accept-Language",
>         "value": "en-US,en;q=0.9,de-DE;q=0.8,de;q=0.7"
>       },
>       {
>         "name": "Cookie",
>         "value": "_ga=GA1.1.1548965094.1632077396; _pk_id.1.1fff=b2a39c0044a229f7.1632078586.; pga4_session=687afec6-df83-432e-9aae-c58c8a0aebb7!5IvAru1Bi1Entgxt96vVwrZqVQw="
>       },
>       {
>         "name": "remote_user",
>         "value": "t...@hallo.de"
>       }
>     ],
>     "queryString": [],
>     "cookies": [
>       {
>         "name": "_ga",
>         "value": "GA1.1.1548965094.1632077396",
>         "path": "/",
>         "domain": "localhost",
>         "expires": "2023-09-19T18:58:45.000Z",
>         "httpOnly": false,
>         "secure": false
>       },
>       {
>         "name": "_pk_id.1.1fff",
>         "value": "b2a39c0044a229f7.1632078586.",
>         "path": "/",
>         "domain": "localhost",
>         "expires": "2022-10-17T19:09:46.000Z",
>         "httpOnly": false,
>         "secure": false,
>         "sameSite": "Lax"
>       },
>       {
>         "name": "pga4_session",
>         "value": "687afec6-df83-432e-9aae-c58c8a0aebb7!5IvAru1Bi1Entgxt96vVwrZqVQw=",
>         "path": "/",
>         "domain": "localhost",
>         "expires": "2021-11-11T08:09:52.877Z",
>         "httpOnly": true,
>         "secure": false,
>         "sameSite": "Lax"
>       }
>     ],
>     "headersSize": 919,
>     "bodySize": 0
>   },
>   "response": {
>     "status": 302,
>     "statusText": "FOUND",
>     "httpVersion": "HTTP/1.1",
>     "headers": [
>       {
>         "name": "Server",
>         "value": "gunicorn"
>       },
>       {
>         "name": "Date",
>         "value": "Wed, 10 Nov 2021 08:10:42 GMT"
>       },
>       {
>         "name": "Connection",
>         "value": "keep-alive"
>       },
>       {
>         "name": "Content-Type",
>         "value": "text/html; charset=utf-8"
>       },
>       {
>         "name": "Content-Length",
>         "value": "209"
>       },
>       {
>         "name": "Location",
>         "value": "http://localhost:4444/"
>       },
>       {
>         "name": "X-Frame-Options",
>         "value": "SAMEORIGIN"
>       },
>       {
>         "name": "Content-Security-Policy",
>         "value": "default-src ws: http: data: blob: 'unsafe-inline' 'unsafe-eval';"
>       },
>       {
>         "name": "X-Content-Type-Options",
>         "value": "nosniff"
>       },
>       {
>         "name": "X-XSS-Protection",
>         "value": "1; mode=block"
>       },
>       {
>         "name": "Set-Cookie",
>         "value": "pga4_session=687afec6-df83-432e-9aae-c58c8a0aebb7!5IvAru1Bi1Entgxt96vVwrZqVQw=; Expires=Thu, 11-Nov-2021 08:10:42 GMT; HttpOnly; Path=/; SameSite=Lax"
>       }
>     ],
>     "cookies": [
>       {
>         "name": "pga4_session",
>         "value": "687afec6-df83-432e-9aae-c58c8a0aebb7!5IvAru1Bi1Entgxt96vVwrZqVQw=",
>         "path": "/",
>         "domain": "localhost",
>         "expires": "2021-11-11T08:10:42.000Z",
>         "httpOnly": true,
>         "secure": false,
>         "sameSite": "Lax"
>       }
>     ],
>     "content": {
>       "size": 0,
>       "mimeType": "text/html",
>       "compression": 0
>     },
>     "redirectURL": "http://localhost:4444/",
>     "headersSize": 545,
>     "bodySize": 0,
>     "_transferSize": 545,
>     "_error": null
>   },
>   "serverIPAddress": "[::1]",
>   "startedDateTime": "2021-11-10T08:10:42.677Z",
>   "time": 25.62499999839929,
>   "timings": {
>     "blocked": 8.999999998515705,
>     "dns": -1,
>     "ssl": -1,
>     "connect": -1,
>     "send": 0.125,
>     "wait": 14.750000000436557,
>     "receive": 1.7499999994470272,
>     "_blocked_queueing": 3.8749999985157046
>   }
> },
>
> bye
> Konrad
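
Added example, not part of the original thread and not pgAdmin's code: at the WSGI layer a client-sent `remote_user` header arrives as `HTTP_REMOTE_USER`, so a lookup of the `REMOTE_USER` server variable alone never sees it, while a lookup that also consults headers accepts whatever the client sent unless the fronting proxy strips it first. All function names, the lookup order and the sample addresses are assumptions made for this illustration.

```python
# Added illustration, not pgAdmin source code.
from wsgiref.util import setup_testing_defaults

# Constructed sample request: the client itself sends a "remote_user" header.
CLIENT_HEADERS = {"Host": "localhost:4444", "remote_user": "tester@example.test"}


def header_key(name):
    """WSGI name for a request header: Remote-User -> HTTP_REMOTE_USER."""
    return "HTTP_" + name.upper().replace("-", "_")


def build_environ(headers, server_vars=None):
    """Build a WSGI environ: request headers become HTTP_* keys, while
    variables set by the web server itself (server_vars) keep their names."""
    environ = {}
    setup_testing_defaults(environ)
    for name, value in headers.items():
        environ[header_key(name)] = value
    environ.update(server_vars or {})
    return environ


def user_from_environment(environ):
    """Behaviour described in the reply: only the REMOTE_USER server variable."""
    return environ.get("REMOTE_USER")


def user_from_environment_or_header(environ, key):
    """Assumed lookup for a configurable key: server variable, then header."""
    return environ.get(key) or environ.get(header_key(key))


def strip_client_identity(headers, key):
    """Proxy-side step: drop any client-supplied copy of the identity header
    before the proxy sets the authenticated value itself."""
    return {n: v for n, v in headers.items() if header_key(n) != header_key(key)}
```
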