Hi @idi can you ty to update to Centreon 21.04.10 and test agin?
Regards,
Hi @Laurent
For the moment my manager does not wish to make a version upgrade.to upgrade just for the web? is possibly?
Regards,
Yes you can only update centreon-web and all dependencies using:
yum update centreon-web
Regards,
Hello @Laurent
I have just updated the centreon-web to 21.04.10, I have this error now :
2022-02-07 12:18:08|-1|0|0|[OpenId] [Error] Unable to get Token Access Information: RestNotFoundException, message: Page not found
2022-02-07 12:18:08|-1|0|0|[OpenId] [Error] Unable to get login from claim: email
Regards,
Thanks to anyone who has an idea ;)
Hello @Laurent une idée svp
Hi @idi , the error message says: “message: Page not found”
It means that the Centreon central server can’t access to the /token endpoint.
Can you try to make a curl on this endpoint?
Hi @Laurent
indeed the curl does not respond
[root@br-hop-po15 ~]$curl https://login.microsoftonline.com/85eca096-674d-4fd9-9a9e-ae1178e2ee56/oauth2/v2.0/token
I think I have to configure my proxy to go out?
Yes if you need a proxy, you have to configure it into Centreon using “Administration > Parameters > Centreon UI” menu.
To test in CLI you need to use:
export http_proxy=http://myproxy:port
export https_proxy=https://myproxy:port
*Screenshot deleted because of confidential information*
Hi @Laurent
I configured the proxy “Administration > Parameters > Centreon UI” menu.
unfortunately always errors
Ok now Centreon receive the token of the connected user on your IDP but Centreon can’t get additional information (token introspection endpoint).
Our documentation describes as examples:
Can you check your configuration?
Hi @Laurent
I confirm that I have the same conf as what you told me. unfortunately always errors
*Screenshot deleted because of confidential information*
CONF side AZURE
@idi can you check with Microsoft if you need to use another endpoints?
We performed tests 3 months ago with this configuration and every was OK, may be they change their configuration.
But the good news is now Centreon passed 2 firsts steps:
- Authentication to Microsoft IDP
- Get authenticated user token
Only last two steps are missing
Hi @Laurent
I don't know from whom? I will look at the microsoft docs.
Honestly, I've been struggling for 10 days to activate openid.Thanks again for your time,
@idi by exporting the proxy in a shell term, try to make curl on “Introspection Token Endpoint” as well as “User Information Endpoint”.
Regards,
Hi @Laurent
after exporting the proxy
[root@br-hop-po15 ~]$curl https://login.microsoftonline.com/85eca096-674d-4fd9-9a9e-ae1178e2ee56/oauth2/v2.0/introspect
[root@br-hop-po15 ~]$curl https://graph.microsoft.com/oidc/userinfo
curl: (56) Received HTTP code 407 from proxy after CONNECT
Can you try by deleting “/introspect” endpoint (keep empty)?
Hi @Laurent
after adding microsoft.com in my proxy whitelist it works again
[root@br-hop-po15 ~] /var/log/centreon]$ curl https://graph.microsoft.com/oidc/userinfo
{"error":{"code":"InvalidAuthenticationToken","message":"Access token is empty.","innerError":{"date":"2022-02-08T14:54:43","request-id":"8c49f075-2dd3-48d3-8223-48c73a7ef963","client-request-id":"8c49f075-2dd3-48d3-8223
tout ça comme endpoint: coté équipe AZURE
*Screenshot deleted because of confidential information*
@idi so everything is working now?
Can you try by deleting “/introspect” endpoint (keep empty)?
already tested nothing happens when I click on
Can you give me complete error log trace (/var/log/centreon/login.log) when you click on button?
deleting “/introspect”
no trace in the logs /var/log/centreon/login.log
