Hi,
We are trying to setup our CMS with SSO via azure AD which partially works. We run into an issue where no iframes are loaded and we can’t seem to figure out why this is happening. Hopefully someone here has some insights.
The versions:
BrXM enterprise version 14.7.5
We use azure ad with OIDC (oauth2) following the setup suggested by Woonsan and Baris here:
and
The setup seems to work as we are rerouted to microsoft login and get back to the cms and are logged in. The navigation on the left loads, but then it gets stuck on loading anything on the right of the screen (the angular iframes).
If you use an admin user you can also login into the console and edit/delete/write to repo so the whole login process seems to work properly.
The iframe loading just gives a timeout angular error page 408 without a clear reason why the iframes are not loading properly.
The logs give the following information, but don’t seem to be much help. The connection timeout error is something that we also see happening when not running with SSO, so seems unrelated.
[INFO] [talledLocalContainer] 28.04.2022 10:42:11 INFO http-nio-8080-exec-4 [CmsSubAppIFrameCommunicationBehavior.renderHead:93] Add script:cms-subapp-iframe-communication.js
[INFO] [talledLocalContainer] 28.04.2022 10:42:11 INFO http-nio-8080-exec-4 [CmsSubAppIFrameCommunicationBehavior.createScript:104] Add key:iFrameElementId,value:projects-iframe as parameter to script
[INFO] [talledLocalContainer] 28.04.2022 10:42:14 INFO http-nio-8080-exec-4 [ActiveLogoutPlugin.internalRenderHead:86] Inactive user sessions will be logged out automatically after 30 minutes minutes
[INFO] [talledLocalContainer] 28.04.2022 10:42:34 DEBUG http-nio-8080-exec-4 [JcrItemModel.loadModel:195] Neither path nor uuid present for item model, returning null
[INFO] [talledLocalContainer] 28.04.2022 10:42:34 DEBUG http-nio-8080-exec-4 [JcrItemModel.doSave:283] Neither path nor uuid present
[INFO] [talledLocalContainer] 28.04.2022 10:42:34 DEBUG http-nio-8080-exec-4 [JcrItemModel.loadModel:195] Neither path nor uuid present for item model, returning null
[INFO] [talledLocalContainer] 28.04.2022 10:42:34 DEBUG http-nio-8080-exec-4 [JcrItemModel.doSave:283] Neither path nor uuid present
[INFO] [talledLocalContainer] 28.04.2022 10:42:34 DEBUG http-nio-8080-exec-4 [JcrItemModel.loadModel:195] Neither path nor uuid present for item model, returning null
[INFO] [talledLocalContainer] 28.04.2022 10:42:34 DEBUG http-nio-8080-exec-4 [JcrItemModel.doSave:283] Neither path nor uuid present
[INFO] [talledLocalContainer] 28.04.2022 10:42:34 DEBUG http-nio-8080-exec-4 [SecurityContextPersistenceFilter.doFilter:118] Cleared SecurityContextHolder to complete request
[INFO] [talledLocalContainer] 28.04.2022 10:42:34 DEBUG http-nio-8080-exec-7 [FilterChainProxy.doFilterInternal:208] Securing GET /?1&iframe
[INFO] [talledLocalContainer] 28.04.2022 10:42:34 DEBUG http-nio-8080-exec-7 [HttpSessionSecurityContextRepository.readSecurityContextFromSession:184] Retrieved SecurityContextImpl [Authentication=OAuth2AuthenticationToken [Principal= [redacted] Granted Authorities=[ROLE_USER, SCOPE_email, SCOPE_openid, SCOPE_profile]]]
[INFO] [talledLocalContainer] 28.04.2022 10:42:34 DEBUG http-nio-8080-exec-7 [SecurityContextPersistenceFilter.doFilter:107] Set SecurityContextHolder to SecurityContextImpl [Authentication=OAuth2AuthenticationToken [Principal=Name: [redacted] Granted Authorities=[ROLE_USER, SCOPE_email, SCOPE_openid, SCOPE_profile]]]
[INFO] [talledLocalContainer] 28.04.2022 10:42:34 DEBUG http-nio-8080-exec-7 [AbstractSecurityInterceptor.beforeInvocation:210] Authorized filter invocation [GET /?1&iframe] with attributes [authenticated]
[INFO] [talledLocalContainer] 28.04.2022 10:42:34 INFO http-nio-8080-exec-7 [LoginSuccessFilter.doFilter:34] doFilter LoginSuccessFilter
[INFO] [talledLocalContainer] 28.04.2022 10:42:34 DEBUG http-nio-8080-exec-7 [FilterChainProxy$VirtualFilterChain.doFilter:323] Secured GET /?1&iframe
[INFO] [talledLocalContainer] 28.04.2022 10:42:34 DEBUG http-nio-8080-exec-7 [CsrfPreventionRequestCycleListener.onBeginRequest:260] Request header Origin: null
[INFO] [talledLocalContainer] 28.04.2022 10:42:34 DEBUG http-nio-8080-exec-7 [SecurityContextPersistenceFilter.doFilter:118] Cleared SecurityContextHolder to complete request
[INFO] [talledLocalContainer] 28.04.2022 10:42:34 WARN http-nio-8080-exec-7 [FilterChainInvokingValve.invoke:79] Failed to continue with the filterChain.
[INFO] [talledLocalContainer] org.apache.catalina.connector.ClientAbortException: java.io.IOException: An established connection was aborted by the software in your host machine
[INFO] [talledLocalContainer] at org.apache.catalina.connector.OutputBuffer.realWriteBytes(OutputBuffer.java:351) ~[catalina.jar:9.0.38]
[INFO] [talledLocalContainer] at org.apache.catalina.connector.OutputBuffer.flushByteBuffer(OutputBuffer.java:776) ~[catalina.jar:9.0.38]
[INFO] [talledLocalContainer] at org.apache.catalina.connector.OutputBuffer.realWriteChars(OutputBuffer.java:451) ~[catalina.jar:9.0.38]
[INFO] [talledLocalContainer] at org.apache.catalina.connector.OutputBuffer.flushCharBuffer(OutputBuffer.java:781) ~[catalina.jar:9.0.38]
[INFO] [talledLocalContainer] at org.apache.catalina.connector.OutputBuffer.doFlush(OutputBuffer.java:295) ~[catalina.jar:9.0.38]
[INFO] [talledLocalContainer] at org.apache.catalina.connector.OutputBuffer.flush(OutputBuffer.java:272) ~[catalina.jar:9.0.38]
[INFO] [talledLocalContainer] at org.apache.catalina.connector.Response.flushBuffer(Response.java:500) ~[catalina.jar:9.0.38]
[INFO] [talledLocalContainer] at org.apache.catalina.connector.ResponseFacade.flushBuffer(ResponseFacade.java:312) ~[catalina.jar:9.0.38]
[INFO] [talledLocalContainer] at javax.servlet.ServletResponseWrapper.flushBuffer(ServletResponseWrapper.java:181) ~[servlet-api.jar:4.0.FR]
The console log only gives the following information:
Anyone any idea what we are missing in our setup to make sure the iframes are loaded correctly?
Or where to look/debug in order to find the root cause?
Kind regards,
Matthijs