jlguenego / node-expose-sspi

Expose Microsoft Windows SSPI to Node for SSO authentication.

Security error when using a webpack devServer proxy

singulusoculus opened this issue

Describe the bug
The setup: I have a front end dev environment using Svelte and webpack running at port 8080 that has a proxy to my express server running at port 3000. I originally used your Vue example and converted it for Svelte. I am able to connect with SSO from localhost:8080 up to version 0.1.52.

At version 0.1.53, when I try to connect with SSO at localhost:8080 via the proxy server I am getting the following error:

Error: AcceptSecurityContext: SECURITY_STATUS incorrect (<0): (error code: 0x80090308) The token supplied to the function is invalid

at C:\Users\brian.casey\Desktop\projects\ap-review-nes-test\node_modules\node-expose-sspi\src\sso\auth.ts:132:44
at C:\Users\brian.casey\Desktop\projects\ap-review-nes-test\node_modules\node-expose-sspi\src\sso\auth.ts:226:7
at Layer.handle [as handle_request] (C:\Users\brian.casey\Desktop\projects\ap-review-nes-test\node_modules\express\lib\router\layer.js:95:5)
at next (C:\Users\brian.casey\Desktop\projects\ap-review-nes-test\node_modules\express\lib\router\route.js:137:13)
at Route.dispatch (C:\Users\brian.casey\Desktop\projects\ap-review-nes-test\node_modules\express\lib\router\route.js:112:3)
at Layer.handle [as handle_request] (C:\Users\brian.casey\Desktop\projects\ap-review-nes-test\node_modules\express\lib\router\layer.js:95:5)
at C:\Users\brian.casey\Desktop\projects\ap-review-nes-test\node_modules\express\lib\router\index.js:281:22
at Function.process_params (C:\Users\brian.casey\Desktop\projects\ap-review-nes-test\node_modules\express\lib\router\index.js:335:12)
at next (C:\Users\brian.casey\Desktop\projects\ap-review-nes-test\node_modules\express\lib\router\index.js:275:10)
at Immediate._onImmediate (C:\Users\brian.casey\Desktop\projects\ap-review-nes-test\node_modules\express-session\index.js:495:7)

statusInfo: {
adminPrivileges: false,
isOnDomain: true,
domain: 'MYDOMAIN',
isActiveDirectoryReachable: true
}

messageType: NTLM_AUTHENTICATE_03
UnauthorizedError: Error while doing SSO: AcceptSecurityContext: SECURITY_STATUS incorrect (<0): (error code: 0x80090308) The token supplied to the function is invalid

at C:\Users\brian.casey\Desktop\projects\ap-review-nes-test\node_modules\node-expose-sspi\src\sso\auth.ts:224:25
at C:\Users\brian.casey\Desktop\projects\ap-review-nes-test\node_modules\node-expose-sspi\src\sso\auth.ts:226:7
at Layer.handle [as handle_request] (C:\Users\brian.casey\Desktop\projects\ap-review-nes-test\node_modules\express\lib\router\layer.js:95:5)
at next (C:\Users\brian.casey\Desktop\projects\ap-review-nes-test\node_modules\express\lib\router\route.js:137:13)
at Route.dispatch (C:\Users\brian.casey\Desktop\projects\ap-review-nes-test\node_modules\express\lib\router\route.js:112:3)
at Layer.handle [as handle_request] (C:\Users\brian.casey\Desktop\projects\ap-review-nes-test\node_modules\express\lib\router\layer.js:95:5)
at C:\Users\brian.casey\Desktop\projects\ap-review-nes-test\node_modules\express\lib\router\index.js:281:22
at Function.process_params (C:\Users\brian.casey\Desktop\projects\ap-review-nes-test\node_modules\express\lib\router\index.js:335:12)
at next (C:\Users\brian.casey\Desktop\projects\ap-review-nes-test\node_modules\express\lib\router\index.js:275:10)
at Immediate.<anonymous> (C:\Users\brian.casey\Desktop\projects\ap-review-nes-test\node_modules\express-session\index.js:495:7)

My SSO connect is as follows:

    app.get("/action/connect-with-sso", sso.auth({useSession: true}), (req, res) => {
      if (!req.sso) {
        delete req.session.sso;
        res.status(401).end();
        return;
      }
      req.session.sso = req.sso;
      res.json({ user: req.sso.user });
    });

My session is configured as follows:

    app.use(
      session({
        secret: apSecret, // env variable
        resave: false,
        saveUninitialized: true,
        name: 'express-sso-session'
      })
    );

I also have my express server set up to serve my public directory at localhost:3000 (for when I move this to production) so I can get to my app there as well. If I start the server and try to get to the app via 8080 I get the security error. If I go to the app at localhost:3000 and then try again at 8080 it then works at 8080.

Expected behavior
I expect to be able to use a proxy server from my front end dev environment and not get the security error.

Environment version:

  • OS: Windows 10 Pro version 20H2 build 19042.508
  • Browser version: Chrome 88
  • Node version and architecture: 14.15.5

Please also indicate:

  • Are you on a Windows domain? yes
  • Can you reach the domain controller? yes
  • Does your session have admin privileges? no
  • Which authentication protocol? Unknown

Please try with the latest version, 0.1.55.

Same error from 0.1.53 - 0.1.55.

ok, I am going to do a sample project with Svelte and come back to you.

@singulusoculus take a look at #91. This seems to be the same issue. Try changing the proxy => node connection to keep alive or apply the fix there.

Please try 0.1.58.