openhab-ios: Username and password authentication does not work correctly

Hello openhab-ios developers,

if the app (tested with version 2.0.3) is supposed to connect to an openHAB instance with authentication, it doesn’t work since there are requests without (or wrong) authentication. Authentication is realized by an upstream connected reverse proxy with basic authentication as described here: https://www.openhab.org/docs/installation/security.html

When username and password are configured in the app they should be given to all requests that are sent to openHAB. But in the server side log you can see that obviously not all requests have an (appropriate) authentication header.

192.168.0.10 - SomeUser [24/Feb/2019:09:31:16 +0100] "GET /rest/sitemaps HTTP/1.1" 200 670 "-" "openHAB/2.0.3.0 CFNetwork/976 Darwin/18.2.0"
192.168.0.10 - - [24/Feb/2019:09:31:46 +0100] "GET /rest/bindings HTTP/1.1" 403 3975 "-" "openHAB/2.0.3.0 CFNetwork/976 Darwin/18.2.0"

The first request for /rest/sitemaps is sent with correct authentication and so responded correctly. (200) But the second request for /rest/bindings is sent without or wrong authentication and so it is denied. (403) The app shows a “Connecting” popup but nothing more happens.

Configuring the reverse proxy that access to /rest/bindings is granted at all makes the app work. But that is not how it should be. So please let all requests carry the correct authentication header. Thanks.

Finding out the problem was discussed here https://community.openhab.org/t/no-connection-with-ios-app/67283/20

About this issue

  • Original URL
  • State: closed
  • Created 5 years ago
  • Comments: 18 (7 by maintainers)

Most upvoted comments

What’s unusual is that the app retrieves the sitemap via https but it time-outs on displaying the contents. Not sure if there is a setting in my nginx config that is causing issues.

Make sure that you enabled headers in your nginx/apache configuration, particularly forwarding the scheme.

For apache: RequestHeader set X-Forwarded-Proto "https"

For nginx: X-Forwarded-Proto: https

The issue was discussed here

Thanks - I added a specific location for /rest as below and it works.

Appreciate the help

        location /rest {
                proxy_pass                            http://localhost:8080/rest;
                proxy_set_header Host                 $http_host;
                proxy_set_header X-Real-IP            $remote_addr;
                proxy_set_header X-Forwarded-For      $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto    "https";
         }
+1
Clifford-Foster on Jul 10, 2019

What’s unusual is that the app retrieves the sitemap via https but it time-outs on displaying the contents. Not sure if there is a setting in my nginx config that is causing issues.

Make sure that you enabled headers in your nginx/apache configuration, particularly forwarding the scheme.

For apache: RequestHeader set X-Forwarded-Proto "https"

For nginx: X-Forwarded-Proto: https

The issue was discussed here

+1
chr151ux on Jul 10, 2019

I tested it now on the Beta. Here it works fine. Thanks!

+1
chr151ux on Jul 9, 2019
Read more comments on GitHub
← openhab-ios: Sitemap: images are not displayed
openhab-syno-spk: install problem with 2.1.0.008-DSM6 →