Unable to login to DT

[nigellh]

Did a complete refresh of my DT instance with the latest containers etc and deleted the DB as it would not migrate.

Came up fine.
Logged in with admin/admin and changed the pwd
Created a number of teams and IDs
I logged in with mine. All OK, can create projects etc.

My colleague could not with the default password I gave them.

I logged out and tried with their ID and pwd and could get in.

So we cleared cache, tried different browsers, rebooted, restarted DT nothing.

I could still log in, so I logged out again and I tried with theirs again and still OK, but now I can no longer log in with mine, admin or theirs.

Symptoms are enter the ID and PWD, select login button and absolutely nothing happens. No response whatsoever.

Any suggestions gratefully received.

I have come across this in the past for a smaller server and I have no idea what made it work.

I was working on Firefox, logged in with theirs on FF and then tried the Safari that they are using and that seems to possibly be what has broken me on either browser. (I think).

I do not want to have to rebuild it again, when it might be something simple.

Oh and no log errors either. The login page comes up fine. Just weird!

[nscuro]

absolutely nothing happens. No response whatsoever.

This is indeed weird, but it may indicate a network problem. Are you able to see the login request being sent in your browser's developer tools (Network tab), when pressing the login button? And if you do, are you getting a response, and if so, what does it say?

[nigellh]

It gets to the server

No idea what it means though.

[nscuro]

Requests from the frontend to the API server are being blocked by your browser, because the host where the frontend is running (the requests Origin) is not listed as acceptable origin by the API server (refer to CORS).

You can effectively bypass this by allowing any origin. Uncomment or add these to your docker-compose.yml:

dependency-track/src/main/docker/docker-compose.yml

Lines 73 to 78 in c9c1702

	# - ALPINE_CORS_ALLOW_ORIGIN=*
	# - ALPINE_CORS_ALLOW_METHODS=GET, POST, PUT, DELETE, OPTIONS
	# - ALPINE_CORS_ALLOW_HEADERS=Origin, Content-Type, Authorization, X-Requested-With, Content-Length, Accept, Origin, X-Api-Key, X-Total-Count, *
	# - ALPINE_CORS_EXPOSE_HEADERS=Origin, Content-Type, Authorization, X-Requested-With, Content-Length, Accept, Origin, X-Api-Key, X-Total-Count
	# - ALPINE_CORS_ALLOW_CREDENTIALS=true
	# - ALPINE_CORS_MAX_AGE=3600

[nigellh]

Sorry to bother you, but this is where my limited knowledge hits

Gives me

Not sure if I need to uncomment environment as well?

[nscuro]

No worries. You need to pay attention that you're consistent in how you specify environment variables.

Compose allows two notations:

environment:
  ENV_VAR_NAME: "value"

And:

environment:
  - ENV_VAR_NAME=value

Make sure you pick one style and stick to it. If you mix it, you'll get errors.

[nigellh]

OK

Need to figure the colon as https://docs.dependencytrack.org/getting-started/configuration/

Does not seem to indicate them

[nigellh]

OK so....

DT Started, but it did not fix it, have I missed something? I note that you said from line 73 above but I did it from line 72, but either way I still have the same problem :-(

[nscuro]

Are you getting the same errors as before, or is it different now?

Can you share the entire docker-compose.yml please?

[nigellh]

I believe so

docker-compose.yml.zip

[nigellh]

Hi Niklas,

I might have fixed it and it is so so so annoying.

  # - API_BASE_URL=https://9.20.193.157:8081
  - API_BASE_URL=http://9.20.193.157:8081

Swapped it from https to http as https is not yet supported.

It is exceptionally weird as it ran for nearly a year with this setting and no issues and the temp server has it like that with no issues.

Bit more testing, but fingers crossed.

[nigellh]

That seems to be it. Just in case anyone else needs a cause and solution in very, very layman's terms.

The cors problem appears to be when the system you are sending a call to responds with a response that makes it look like a different system is responding. Many systems do this and it is OK as long as the system is configured to support it.

For us, we had not changed anything and the system had been fine for months and months with the current docker-compose.yml file and then it just stopped dead in allowing people to log in.

The long and the short of it is that Dependency Track does not yet support HTTPS, but we had our server defined as

  - API_BASE_URL=https://9.20.123.456:8081

I can only guess that something changed either on the server or DT or browsers that stopped this being allowed.

Changed it to the following and all seems to be OK.

  - API_BASE_URL=http://9.20.123.456:8081

(Base docker-compose.yml has

  - API_BASE_URL=http://localhost:8081

So should have seen it when we changed that)

[nigellh]

Nop that does not appear to be it!

[nigellh]

Ignore that it was it!

[Ringostar1982]

That did not fix my login CORS Problem:

frontend base URL:
API_BASE_URL=http://localhost:8081

And CORS is NOT commented out in the .yml- file:

services:
dtrack-apiserver:
image: dependencytrack/apiserver
environment:

# Optional Cross-Origin Resource Sharing (CORS) Headers
 - ALPINE_CORS_ENABLED=true
 - ALPINE_CORS_ALLOW_ORIGIN=*
 - ALPINE_CORS_ALLOW_METHODS=GET, POST, PUT, DELETE, OPTIONS
 - ALPINE_CORS_ALLOW_HEADERS=Origin, Content-Type, Authorization, X-Requested-With, Content-Length, Accept, Origin, X-Api-Key, X-Total-Count, *
 - ALPINE_CORS_EXPOSE_HEADERS=Origin, Content-Type, Authorization, X-Requested-With, Content-Length, Accept, Origin, X-Api-Key, X-Total-Count
 - ALPINE_CORS_ALLOW_CREDENTIALS=true
 - ALPINE_CORS_MAX_AGE=3600

[nigellh]

OK, not the expert as some of the guys here and not been involved with running it on Windows at all.

The only thing I can suggest is to replace the http://localhost:8081/ in the docker-compose.yaml file with the actual IP address of the system that you are running it on and see if that gets you in. For example:

http://192.168.0.23:8081/

Restart DT and see if that helps.

The issue I had originally is that I was running it on one system, trying to access it from another and it had the http://localhost:8081/ in the yaml file. It would show the web page I just could not log in.

Other than that I will leave it to the real DT experts

[Ringostar1982]

No problem. That did not help anyway:

[nigellh]

Just had a thought. Have you just upgraded your DT instance? I believe that I had this after an upgrade and I eventually had to wipe everything and restart. It is due to one of the upgrade versions having a requiring a new version of the database that was incompatible with the old one.

In theory there are instructions to export the DB, create the new one and import what was in there, but I could not get it to work so it was easier to start from scratch, read the users and get them to import their SBOMs.

[Ringostar1982]

i didnt do an update. Just installed docker and catched the dockerfile to build the 2 containers all from scratch.

[nigellh]

OK, I hope you get it resolved soon!