openhab-android: Does not send basic authentication for access to events (reverse proxy)
Actual behaviour
I am using openHAB 2.4 behind a reverse SSL proxy with basic authenticaion. I can see in the Apache logs that the app does not send the credentials for this URL:
“GET /openhab/rest/sitemaps/events/0280f475-925e-463f-9227-202b094a7bd0?sitemap=default&pageid=default HTTP/1.1” 401 442
This does not happen when using the Chrome browser to access the Basic UI.
Expected behaviour
The app should always send the credentials (or react properly to the 401).
Steps to reproduce
- Set up reverse proxy with Apache and Basic Authentication
- Point the app to that remote URL
Can you reproduce the issue in demo mode?
No.
Environment data
Client
- Android version: Pie
- Device model: Xiaomi Redmi Note 5
- Stock or customized ROM: Custom, Pixel Experience
- App version : 2.5.0
- Build flavor : Play Store
- Device language: German
Server
- Server version: 2.4.0
- Reverse Proxy: Apache
- Authentication method : Basic Auth
openHAB Cloud
N/A
Logs
App log
There is no such option!?
openHAB Server log
Nothing in that log.
Reverse Proxy log
Insert your reverse proxy error log here.
For nginx: `/var/log/nginx/error.log`
For Apache 2: `/var/log/apache2/error.log`
Nothing in that log.
"GET /openhab/rest/sitemaps/events/0280f475-925e-463f-9227-202b094a7bd0?sitemap=default&pageid=default HTTP/1.1" 401 442
About this issue
- Original URL
- State: closed
- Created 5 years ago
- Comments: 27 (11 by maintainers)
Commits related to this issue
- Add authentication header to SSE events Fixes #1212 Signed-off-by: mueller-ma <mueller-ma@users.noreply.github.com> — committed to mueller-ma/openhab.android by mueller-ma 5 years ago
- Add authentication header to SSE events (#1231) Fixes #1212 Signed-off-by: mueller-ma <mueller-ma@users.noreply.github.com> — committed to openhab/openhab-android by mueller-ma 5 years ago
- Preserve authentication information over HTTP redirects. Fixes #1212 Signed-off-by: Danny Baumann <dannybaumann@web.de> — committed to maniac103/openhab.android by maniac103 4 years ago
- Preserve authentication information over HTTP redirects. (#1830) Fixes #1212 Signed-off-by: Danny Baumann <dannybaumann@web.de> — committed to openhab/openhab-android by maniac103 4 years ago
@mueller-ma, I think I know what’s going on here. I’ve been using redirect in apache httpd from http to https and I used http:// scheme in remote hostname in openhab app. The openhab app then contact httpd using HTTP with Authorization header, httpd redirected it to HTTPS, but OkHttp does not include Authorization header in this redirected request and httpd returned 401.
The workaround for me was simply using “https”. I also had to stop using local access with “http”, otherwise openhab app would never try to use remote access (because it contact local hostname on “http” and this returned 401 so it did not try checking remote access hostname).