Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ocelot WebSocketsProxyMiddleware does not handle 401 Authentication error and returns 500 Internal Server Error #1360

Closed
Julandia opened this issue Oct 26, 2020 · 4 comments
Closed

Ocelot WebSocketsProxyMiddleware does not handle 401 Authentication error and returns 500 Internal Server Error #1360

Julandia opened this issue Oct 26, 2020 · 4 comments

Comments

@Julandia
Copy link

Our company plans to use Ocelot as API gateway for the company intranet services. We had below authentication problem when routing the SignalR requests using Ocelot. Is this a defect of Ocelot or do I miss some configuration?

Expected Behavior / New Feature

I expect that when server side returns 401 authentication, Ocelot should return the error to upstream

Actual Behavior / Motivation for New Feature

Ocelot return 500 Internal Server Error

Steps to Reproduce the Problem

  1. Have SignalR client and service running. Both service and client use .NetFramework SignalR. The service uses .Net Framework Web API stack and implement authentication middleware.
  2. Client sends a SignalR request to the service via Ocelot.
  3. Ocelot does not handle 401 authentication error returned by service and throws 500 Internal Server Error during SignalR connection:

Error stack:
Exception has occurred: CLR/System.Net.WebSockets.WebSocketException
Exception thrown: 'System.Net.WebSockets.WebSocketException' in System.Private.CoreLib.dll: 'The server returned status code '401' when status code '101' was expected.'
at System.Net.WebSockets.WebSocketHandle.d__24.MoveNext()
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Net.WebSockets.ClientWebSocket.d__16.MoveNext()
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Ocelot.WebSockets.Middleware.WebSocketsProxyMiddleware.d__7.MoveNext() in C:\simhub\Ocelot\src\Ocelot\WebSockets\Middleware\WebSocketsProxyMiddleware.cs:line 118

Specifications

  • Version: 16.0.1
  • Platform:
  • Subsystem:
@onahirniak
Copy link

The same issue.

@abdulmoizlogiciel
Copy link

abdulmoizlogiciel commented Nov 30, 2022
edited
Loading

any resolution or workaround please?
i have the same issue.

@raman-m
Copy link
Member

raman-m commented Mar 27, 2024

Duplicate of #1040

@raman-m raman-m marked this as a duplicate of #1040 Mar 27, 2024
@raman-m
Copy link
Member

raman-m commented Mar 27, 2024

Hi @Julandia !

Our company plans to use Ocelot as API gateway for the company intranet services.

Does your company use Ocelot now?

We had below authentication problem when routing the SignalR requests using Ocelot.

I guess this is Authentication problem for ws sceme. Ocelot WebSockets pipeline has no Auth middlewares to process authenticated routes. See more details in #1040 please!

Is this a defect of Ocelot or do I miss some configuration?

Authentication is not implemented in Ocelot currently for WebSockets!
Well... I recommend one common life coding hack:

  • Define anonymous route to Authentication endpoint to get auth artifacts like: token, cookie, session ID token
  • Define authenticated route with attached auth artifact to be authenticated by downstream services successfully

Hope it helps!

@raman-m raman-m closed this as not planned Won't fix, can't repro, duplicate, stale Mar 27, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@onahirniak @raman-m @Julandia @abdulmoizlogiciel