Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Brite
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum
Apps | Demo | Docs | Install
D

davide

@davide
About
Posts
2
Topics
1
Shares
0
Groups
0
Followers
0
Following
0

Posts

Recent Best Controversial
  • Missing library for SSO
    D davide

    Hello,

    Davide from Baserow here. I'm having some issues configuring my Baserow application with SSO.

    Looking at the logs it seems like the xmlsec1 library is missing in the docker image. I think a apt install xmlsec1 should solve the problem, but I'm not sure how to verify it.

    Here the logs I'm seeing:

    May 31 15:18:36 172.18.0.1 - - [31/May/2023:13:18:36 +0000] "GET /_nuxt/687aa44.js HTTP/1.1" 200 551 "https://libtest.cloudron-test.getbaserow.com/login/error?error=errorInvalidSamlRequest" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36"
May 31 15:18:36 172.18.0.1 - - [31/May/2023:13:18:36 +0000] "GET /api/sso/saml/login/ HTTP/1.1" 302 0 "https://libtest.cloudron-test.getbaserow.com/login/saml?original" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36"
May 31 15:18:36 172.18.0.1 - - [31/May/2023:13:18:36 +0000] "GET /fonts/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2 HTTP/1.1" 304 0 "https://libtest.cloudron-test.getbaserow.com/login/error?error=errorInvalidSamlRequest" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36"
May 31 15:18:36 172.18.0.1 - - [31/May/2023:13:18:36 +0000] "GET /login/error?error=errorInvalidSamlRequest HTTP/1.1" 200 49833 "https://libtest.cloudron-test.getbaserow.com/login/saml?original" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36"
May 31 15:18:36 > File "/app/code/enterprise/backend/src/baserow_enterprise/sso/saml/handler.py", line 304, in get_sign_in_url
May 31 15:18:36 File "/app/code/backend/src/baserow/api/decorators.py", line 172, in func_wrapper
May 31 15:18:36 File "/app/code/enterprise/backend/src/baserow_enterprise/api/sso/saml/views.py", line 171, in get
May 31 15:18:36 File "/app/code/enterprise/backend/src/baserow_enterprise/api/sso/utils.py", line 43, in wrapper
May 31 15:18:36 File "/app/code/enterprise/backend/src/baserow_enterprise/sso/saml/handler.py", line 275, in get_sign_in_url_for_auth_provider
May 31 15:18:36 File "/app/code/enterprise/backend/src/baserow_enterprise/sso/saml/handler.py", line 69, in prepare_saml_client
May 31 15:18:36 File "/app/code/env/lib/python3.10/site-packages/rest_framework/views.py", line 506, in dispatch
May 31 15:18:36 File "/app/code/env/lib/python3.10/site-packages/saml2/config.py", line 271, in load_complex
May 31 15:18:36 File "/app/code/env/lib/python3.10/site-packages/saml2/config.py", line 337, in load
May 31 15:18:36 File "/app/code/env/lib/python3.10/site-packages/saml2/config.py", line 384, in load_metadata
May 31 15:18:36 File "/app/code/env/lib/python3.10/site-packages/saml2/mdstore.py", line 1024, in __init__
May 31 15:18:36 File "/app/code/env/lib/python3.10/site-packages/saml2/sigver.py", line 205, in get_xmlsec_binary
May 31 15:18:36 File "/app/code/env/lib/python3.10/site-packages/saml2/sigver.py", line 951, in security_context
May 31 15:18:36 idp_sign_in_url = SamlAuthProviderHandler.get_sign_in_url(query_params)
May 31 15:18:36 mds = MetadataStore(
May 31 15:18:36 raise SigverError(f"Cannot find {bin_name}")
May 31 15:18:36 response = handler(request, *args, **kwargs)
May 31 15:18:36 return cls.get_sign_in_url_for_auth_provider(
May 31 15:18:36 return func(*args, **kwargs)
May 31 15:18:36 return func(*args, **kwargs)
May 31 15:18:36 saml2.sigver.SigverError: Cannot find ['xmlsec1']
May 31 15:18:36 saml_client = cls.prepare_saml_client(saml_auth_provider)
May 31 15:18:36 self.load_complex(cnf)
May 31 15:18:36 self.security = security_context(config)
May 31 15:18:36 self.setattr("", "metadata", self.load_metadata(cnf["metadata"]))
May 31 15:18:36 sp_config.load(saml_settings)
May 31 15:18:36 xmlsec_binary = get_xmlsec_binary(_path)
May 31 15:18:36 │ │ └ {}
May 31 15:18:36 │ └ <classmethod(<function SamlAuthProviderHandler.get_sign_in_url at 0x7f596b49d7e0>)>
May 31 15:18:36 │ └ []
May 31 15:18:36 │ │ └ {'entityid': 'https://libtest.cloudron-test.getbaserow.com/api/sso/saml/acs/', 'metadata': {'inline': ['<md:EntityDescriptor ...
May 31 15:18:36 │ └ <function Config.load at 0x7f596b46c5e0>
May 31 15:18:36 │ │ │ └ {}
May 31 15:18:36 │ │ └ ()
May 31 15:18:36 │ └ <rest_framework.request.Request: GET '/api/sso/saml/login/'>
May 31 15:18:36 │ │ └ {'query_params': {}}
May 31 15:18:36 │ │ └ {}
May 31 15:18:36 │ └ (<baserow_enterprise.api.sso.saml.views.BaserowInitiatedSingleSignOn object at 0x7f5969e1a200>, <rest_framework.request.Reque...
May 31 15:18:36 │ └ (<baserow_enterprise.api.sso.saml.views.BaserowInitiatedSingleSignOn object at 0x7f5969e1a200>, <rest_framework.request.Reque...
May 31 15:18:36 │ │ │ │ └ {'entityid': 'https://libtest.cloudron-test.getbaserow.com/api/sso/saml/acs/', 'metadata': {'inline': ['<md:EntityDescriptor ...
May 31 15:18:36 │ │ │ └ <function Config.load_metadata at 0x7f596b46c790>
May 31 15:18:36 │ │ └ <saml2.config.Config object at 0x7f596a19f940>
May 31 15:18:36 │ │ └ {'entityid': 'https://libtest.cloudron-test.getbaserow.com/api/sso/saml/acs/', 'metadata': {'inline': ['<md:EntityDescriptor ...
May 31 15:18:36 │ │ │ └ <saml2.config.Config object at 0x7f596a19f940>
May 31 15:18:36 │ │ └ <function security_context at 0x7f596b74a830>
May 31 15:18:36 │ └ <function Config.load_complex at 0x7f596b46c550>
May 31 15:18:36 │ └ <function Config.setattr at 0x7f596b46c3a0>
May 31 15:18:36 │ └ None
May 31 15:18:36 │ │ └ <SamlAuthProviderModel: SamlAuthProviderModel object (2)>
May 31 15:18:36 │ └ <classmethod(<function SamlAuthProviderHandler.get_sign_in_url_for_auth_provider at 0x7f596b49d750>)>
May 31 15:18:36 │ └ <classmethod(<function SamlAuthProviderHandler.prepare_saml_client at 0x7f596b49d090>)>
May 31 15:18:36 └ <baserow_enterprise.api.sso.saml.views.BaserowInitiatedSingleSignOn object at 0x7f5969e1a200>
May 31 15:18:36 └ <bound method map_sso_exceptions.<locals>.decorator.<locals>.wrapper of <baserow_enterprise.api.sso.saml.views.BaserowInitiat...
May 31 15:18:36 └ <class 'baserow_enterprise.sso.saml.handler.SamlAuthProviderHandler'>
May 31 15:18:36 └ <class 'baserow_enterprise.sso.saml.handler.SamlAuthProviderHandler'>
May 31 15:18:36 └ <class 'baserow_enterprise.sso.saml.handler.SamlAuthProviderHandler'>
May 31 15:18:36 └ <class 'saml2.mdstore.MetadataStore'>
May 31 15:18:36 └ <class 'saml2.sigver.SigverError'>
May 31 15:18:36 └ <function BaserowInitiatedSingleSignOn.get at 0x7f596b49e4d0>
May 31 15:18:36 └ <function get_xmlsec_binary at 0x7f596b7492d0>
May 31 15:18:36 └ <function validate_query_parameters.<locals>.validate_decorator.<locals>.func_wrapper at 0x7f596b49e560>
May 31 15:18:36 └ <saml2.config.Config object at 0x7f596a19f940>
May 31 15:18:36 └ <saml2.config.Config object at 0x7f596a19f940>
May 31 15:18:36 └ <saml2.config.Config object at 0x7f596a19f940>
May 31 15:18:36 └ <saml2.mdstore.MetadataStore object at 0x7f596a1f4370>

    Please let me know if we can do anything to fix it.
    Thanks,
    davide

    Baserow
  • Request failed with status code 500
    D davide

    Hey, Davide from Baserow here. Here the explanation of the bug, the work in progress to fix it for the long termand an immediate solution for now (taken from https://gitlab.com/baserow/baserow/-/issues/2290#note_1760709216) :

    So, it turned out to be a pretty challenging bug. The main problem is that atm ASGI is not fully compatible with how we manage our dynamic models in Django, because every time we clear Django's global apps cache and, if another request tries to access some related field on a model at the same time, it might experience some weird error like the ones reported in this thread.
    While a proper fix is in development here: !2105 I'd suggest changing the baserow-app in Cloudron applying the patch attached below. Basically, it uses WSGI to handle the API endpoints, leaving ASGI to handle WebSockets. In this way, every API request will have its process (and so its own Django apps registry), so that concurrent requests will have separate Django instances.

    Patch:

    diff --git a/CloudronManifest.json b/CloudronManifest.json
index 1da2e64..c563208 100644
--- a/CloudronManifest.json
+++ b/CloudronManifest.json
@@ -1,6 +1,6 @@
 {
   "id": "io.baserow.cloudronapp",
-  "version": "1.17.0",
+  "version": "1.17.1",
   "upstreamVersion": "1.22.3",
   "title": "Baserow",
   "author": "Bram Wiepjes",
diff --git a/nginx.conf b/nginx.conf
index f080702..5ddf6ce 100644
--- a/nginx.conf
+++ b/nginx.conf
@@ -32,7 +32,7 @@ server {
         proxy_read_timeout 86400;
     }
 
-    location ~ ^/(api|ws)/ {
+    location ~ ^/(ws)/ {
         proxy_pass http://127.0.0.1:8000;
         proxy_pass_request_headers on;
         proxy_http_version 1.1;
@@ -42,6 +42,17 @@ server {
         proxy_set_header Connection "upgrade";
         proxy_read_timeout 86400;
     }
+    
+    location ~ ^/(api)/ {
+        proxy_pass http://127.0.0.1:8001;
+        proxy_pass_request_headers on;
+        proxy_http_version 1.1;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+        proxy_read_timeout 86400;
+    }
 
     location /media/ {
         root /app/data;
diff --git a/supervisor.conf b/supervisor.conf
index 70d64c4..6fa5e8e 100644
--- a/supervisor.conf
+++ b/supervisor.conf
@@ -3,7 +3,7 @@ nodaemon = true
 logfile=/dev/null
 logfile_maxbytes=0
 
-[program:gunicorn]
+[program:backend-asgi]
 user=cloudron
 directory=/app/code
 command=/app/code/env/bin/gunicorn -w 3 -b 127.0.0.1:8000 -b [::1]:8000 -k uvicorn.workers.UvicornWorker baserow.config.asgi:application --log-level=debug
@@ -14,6 +14,17 @@ stderr_logfile_maxbytes=0
 autostart=true
 autorestart=true
 
+[program:backend-wsgi]
+user=cloudron
+directory=/app/code
+command=/app/code/env/bin/gunicorn -w 3 -b 127.0.0.1:8001 -b [::1]:8001 baserow.config.wsgi:application --log-level=debug
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stdout
+stderr_logfile_maxbytes=0
+autostart=true
+autorestart=true
+
 [program:worker]
 user=cloudron
 directory=/app/code
    Baserow
  • Login
  • Don't have an account? Register
  • Login or register to search.
  • First post
    Last post
0
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search