Hi Aruna, We have fixed #6120 <https://github.com/pgadmin-org/pgadmin4/issues/6120> issue where users were getting similar csf errors which were happening in case of authsource = oauth2. Fix will be available in the next release. Meantime you want to verify the issue, you use a nightly build docker image. (docker pull dpage/pgadmin4:snapshot)
Thanks, Yogesh Mahajan EnterpriseDB On Wed, Apr 19, 2023 at 4:52 PM Aruna Manivannan <aruna.manivan...@gmail.com> wrote: > Hi Yogesh, > We don't have any settings in config_local.py as there is no such file and > the authentication mode is SSO via okta. > > AUTHENTICATION_SOURCES = ['oauth2','internal'] > > Thanks. > > Regards, > Arun > > On Wed, Apr 19, 2023 at 1:41 AM Yogesh Mahajan < > yogesh.maha...@enterprisedb.com> wrote: > >> Hi, >> >> Could you please share config_local.py settings? Which authentication >> mode are you using? >> >> >> Thanks, >> Yogesh Mahajan >> EnterpriseDB >> >> >> On Tue, Apr 18, 2023 at 7:23 PM Aruna Manivannan < >> aruna.manivan...@gmail.com> wrote: >> >>> Hi Yogesh, >>> Please find the attached config file which we are using . >>> The issue which we are facing is exactly the same as it is described in >>> this thread >>> <https://github.com/pgadmin-org/pgadmin4/issues/5567#issuecomment-1508777189> >>> and my team member Eoghan also commented on the same. >>> >>> Below are the parameters that were modified according to our needs , >>> rest were all the same default values only. >>> >>> # Number of values to trust for X-Forwarded-For >>> >>> PROXY_X_FOR_COUNT = 1 >>> >>> # Number of values to trust for X-Forwarded-Proto. >>> >>> PROXY_X_PROTO_COUNT = 1 >>> >>> # Number of values to trust for X-Forwarded-Host. >>> >>> PROXY_X_HOST_COUNT = 1 >>> >>> # Number of values to trust for X-Forwarded-Port. >>> >>> PROXY_X_PORT_COUNT = 0 >>> >>> # Number of values to trust for X-Forwarded-Prefix. >>> >>> PROXY_X_PREFIX_COUNT = 0 >>> >>> >>> USER_INACTIVITY_TIMEOUT = 900 >>> >>> ENHANCED_COOKIE_PROTECTION = False >>> >>> >>> >>> Regards, >>> Arun >>> >>> On Tue, Apr 18, 2023 at 7:23 AM Dave Page <dp...@pgadmin.org> wrote: >>> >>>> >>>> >>>> On Tue, 18 Apr 2023 at 12:08, Yogesh Mahajan < >>>> yogesh.maha...@enterprisedb.com> wrote: >>>> >>>>> Hi, >>>>> >>>>> Could you please share your pgAdmin config setting? >>>>> >>>> >>>> FYI, the /misc/ping endpoint is CSRF-exempt. >>>> >>>> >>>>> >>>>> Thanks, >>>>> Yogesh Mahajan >>>>> EnterpriseDB >>>>> >>>>> >>>>> On Fri, Apr 14, 2023 at 8:45 PM Aruna Manivannan < >>>>> aruna.manivan...@gmail.com> wrote: >>>>> >>>>>> Hi Yogesh, >>>>>> Thanks for your reply. Please find the attached log file. The log >>>>>> entries keep repeating so given the portion of them. >>>>>> Sending it to you alone due to security reasons. >>>>>> FYI we have the parameter ENHANCED_COOKIE_PROTECTION = false to avoid >>>>>> CSRF token issue, but it seems to be ignored. >>>>>> Thanks. >>>>>> >>>>>> >>>>>> Regards, >>>>>> Arun >>>>>> >>>>>> On Fri, Apr 14, 2023 at 5:33 AM Yogesh Mahajan < >>>>>> yogesh.maha...@enterprisedb.com> wrote: >>>>>> >>>>>>> Hi, >>>>>>> >>>>>>> Could you please complete the logs from the container? I suspect >>>>>>> those errors are because of CSRF token errors. >>>>>>> >>>>>>> >>>>>>> Thanks, >>>>>>> Yogesh Mahajan >>>>>>> EnterpriseDB >>>>>>> >>>>>>> >>>>>>> On Thu, Apr 13, 2023 at 11:04 PM Aruna Manivannan < >>>>>>> aruna.manivan...@gmail.com> wrote: >>>>>>> >>>>>>>> Hi Yogesh / pgadmin-support team, >>>>>>>> Have set up the liveness probe as suggested by you. However, It is >>>>>>>> now super helpful. The problem I am facing is though the /misc/ping is >>>>>>>> giving 200 status, I received complaints from users that they cant >>>>>>>> access >>>>>>>> pgadmin. >>>>>>>> When I checked the logs, I noticed that /sqleditor/status/<some >>>>>>>> number> is 500 & 503. I guess the number could be session ID or >>>>>>>> something >>>>>>>> not sure. Please find the below log message >>>>>>>> >>>>>>>> [::ffff:<private_ip_address> - - [13/Apr/2023:16:28:13 +0000] "GET >>>>>>>> /misc/ping HTTP/1.1" 200 4 "-" "kube-probe/1.24+" >>>>>>>> ::ffff:<private_ip_address> - - [13/Apr/2023:16:28:13 +0000] "GET >>>>>>>> /misc/ping HTTP/1.1" 200 4 "-" "kube-probe/1.24+" >>>>>>>> <public_ip_address> - - [13/Apr/2023:16:28:14 +0000] "GET >>>>>>>> /sqleditor/status/4397343 HTTP/1.1" 500 103 " >>>>>>>> https://pgadmin-url/sqleditor/panel/4397343?is_query_tool=true&sgid=96&sid=307&did=<db_id>&database_name=<db_name>" >>>>>>>> "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 >>>>>>>> Firefox/112.0" >>>>>>>> <public_ip_address> - - [13/Apr/2023:16:28:14 +0000] "GET >>>>>>>> /sqleditor/status/9414096 HTTP/1.1" 503 100 " >>>>>>>> https://pgadmin-url/sqleditor/panel/9414096?is_query_tool=true&sgid=96&sid=307&did=<db_id>&database_name=<db_name>" >>>>>>>> "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 >>>>>>>> Firefox/112.0" >>>>>>>> <public_ip_address> - - [13/Apr/2023:16:28:14 +0000] "GET >>>>>>>> /sqleditor/status/9414096 HTTP/1.1" 503 100 " >>>>>>>> https://pgadmin-url/sqleditor/panel/9414096?is_query_tool=true&sgid=96&sid=307&did=<db_id>&database_name=<db_name>" >>>>>>>> "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 >>>>>>>> Firefox/112.0" >>>>>>>> <public_ip_address> - - [13/Apr/2023:16:28:14 +0000] "GET >>>>>>>> /sqleditor/status/9414096 HTTP/1.1" 503 100 " >>>>>>>> https://pgadmin-url/sqleditor/panel/9414096?is_query_tool=true&sgid=96&sid=307&did=<db_id>&database_name=<db_name>" >>>>>>>> "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 >>>>>>>> Firefox/112.0 >>>>>>>> >>>>>>>> Later I restarted the pgadmin pod to get rid of this issue. Could >>>>>>>> you please explain what exactly is happening and how to fix it ? >>>>>>>> Thanks. >>>>>>>> >>>>>>>> Regards, >>>>>>>> Arun >>>>>>>> >>>>>>>> On Tue, Apr 11, 2023 at 10:42 AM Aruna Manivannan < >>>>>>>> aruna.manivan...@gmail.com> wrote: >>>>>>>> >>>>>>>>> Hi Yogesh, >>>>>>>>> Thanks for your response. Will use it and let you know the result. >>>>>>>>> Thank you again. >>>>>>>>> >>>>>>>>> Regards, >>>>>>>>> Arun >>>>>>>>> >>>>>>>>> On Tue, Apr 11, 2023 at 1:58 AM Yogesh Mahajan < >>>>>>>>> yogesh.maha...@enterprisedb.com> wrote: >>>>>>>>> >>>>>>>>>> Hi Aruna, >>>>>>>>>> >>>>>>>>>> You can use 'misc/ping' to monitor health checks. >>>>>>>>>> E.g. >>>>>>>>>> >>>>>>>>>> pgadmin: >>>>>>>>>> image: dpage/pgadmin4 >>>>>>>>>> healthcheck: >>>>>>>>>> test: ["CMD", "wget", "-O", "-", >>>>>>>>>> "http://localhost:80/misc/ping";] >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> Thanks, >>>>>>>>>> Yogesh Mahajan >>>>>>>>>> EnterpriseDB >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> On Tue, Apr 11, 2023 at 2:20 AM Aruna Manivannan < >>>>>>>>>> aruna.manivan...@gmail.com> wrote: >>>>>>>>>> >>>>>>>>>>> Hi Team, >>>>>>>>>>> This is Arun. Could you please help me with setting up a >>>>>>>>>>> Liveness & Readiness probe for pgadmin4 6.17 which is running in the >>>>>>>>>>> Kubernetes cluster as Statefulset. I mean, is there any URL >>>>>>>>>>> endpoint which >>>>>>>>>>> I can configure to hit? Thanks. >>>>>>>>>>> >>>>>>>>>>> Regards, >>>>>>>>>>> Arun >>>>>>>>>>> >>>>>>>>>> >>>> >>>> -- >>>> Dave Page >>>> Blog: https://pgsnake.blogspot.com >>>> Twitter: @pgsnake >>>> >>>> EDB: https://www.enterprisedb.com >>>> >>>>
