我在Rails 5.2应用程序中观察到一些奇怪的行为,其中基本身份验证部分被跳过并且始终为假。
此代码在本地开发环境下运行良好,但是在Kubernetes部署中,authenticate_with_http_basic块从未被击中。
在kubernetes应用程序部署之前,nginx代理服务器
class ApplicationController < ActionController::Base
before_action :authenticate
def authenticate
if _valid_credentials?
# never gets to this part
true
else
# enters the else block
request_http_basic_authentication
end
end
def _valid_credentials?
Rails.logger.debug("Function is entered")
authenticate_with_http_basic do |username, password|
cred = "#{username}|#{password}"
# Nothing is printed with Rails.logger.debug
Rails.logger.debug("Received credentials: #{cred}")
# Running rails console reveals the correct ::Configuration.credentials
SecureCompare.compare(cred, ::Configuration.credentials)
end
end
end
kubernetes日志:
nginx xxx.xxx.xx.xx 0.004 0.002930 - test_user [18/Jun/2019:20:11:26 +0000] "GET / HTTP/1.1" 401 38 "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3829.0 Safari/537.36" b9af3f83-b2b8-43e1-bee7-1603f5ada6c2 -
app-deployment-name Processing by XXXController#index as HTML
app-deployment-name Function is entered
app-deployment-name Filter chain halted as :authenticate rendered or redirected
app-deployment-name Completed 401 Unauthorized in 0ms (ActiveRecord: 0.0ms)
欢迎提出任何想法或建议。
谢谢。