Help with windows auth on dashboard in PSU

Running the msi version of PSU 1.4.3. I have windows auth enabled & working for the admin console & the management api.

When I turn on auth for my dashboard and browse to the dashboard, I get redirected to a login page /login?returnurl=/dashboard/supportdashboard

I wouldn’t expect to see a login page here… is windows auth not working? When I enter domain credentials, it fails with bad username or password. I’d expect credentials to get passed through, run through the policy scripts, get assigned some roles, and be able to access pages on the dashboard (I have -AuthorizedRoles setup on pages).

Here is a snippet of the log when I hit the login page and enter credentials:

2020-10-28T15:57:55.5000981-04:00 0HM3REVINVSJI:00000007 [INF] Request starting HTTP/1.1 GET https://supportdashboard.company.com:82/dashboard/supportdashboard (ca22a1cb)

2020-10-28T15:57:55.6390246-04:00 0HM3REVINVSJI:00000007 [INF] /dashboard/supportdashboard (c5b3073b)

2020-10-28T15:57:55.6395619-04:00 0HM3REVINVSJI:00000007 [INF] Request finished in 139.4815ms 200 text/html (791a596a)

2020-10-28T15:57:55.9427000-04:00 0HM3REVINVSJI:00000008 [INF] Request starting HTTP/1.1 GET https://supportdashboard.company.com:82/api/internal/dashboard (ca22a1cb)

2020-10-28T15:57:56.0759511-04:00 0HM3REVINVSJI:00000008 [INF] Executing endpoint '"UniversalDashboard.Controllers.UDDashboardController.Index (Universal.Server)"' (500cc934)

2020-10-28T15:57:56.0760452-04:00 0HM3REVINVSJI:00000008 [INF] Route matched with "{action = \"Index\", controller = \"UDDashboard\"}". Executing controller action with signature "System.Threading

.Tasks.Task`1[Microsoft.AspNetCore.Mvc.IActionResult] Index()" on controller "UniversalDashboard.Controllers.UDDashboardController" ("Universal.Server"). (122b2fdf)

2020-10-28T15:57:56.2206803-04:00 0HM3REVINVSJI:00000008 [INF] Executing HttpStatusCodeResult, setting HTTP status code 401 (e28ccfae)

2020-10-28T15:57:56.2207481-04:00 0HM3REVINVSJI:00000008 [INF] Executed action "UniversalDashboard.Controllers.UDDashboardController.Index (Universal.Server)" in 144.6732ms (afa2e885)

2020-10-28T15:57:56.2207689-04:00 0HM3REVINVSJI:00000008 [INF] Executed endpoint '"UniversalDashboard.Controllers.UDDashboardController.Index (Universal.Server)"' (99874f2b)

2020-10-28T15:57:56.3479452-04:00 0HM3REVINVSJI:00000008 [INF] Executing endpoint '"UniversalDashboard.Controllers.UDDashboardController.Index (Universal.Server)"' (500cc934)

2020-10-28T15:57:56.3480440-04:00 0HM3REVINVSJI:00000008 [INF] Route matched with "{action = \"Index\", controller = \"UDDashboard\"}". Executing controller action with signature "System.Threading

.Tasks.Task`1[Microsoft.AspNetCore.Mvc.IActionResult] Index()" on controller "UniversalDashboard.Controllers.UDDashboardController" ("Universal.Server"). (122b2fdf)

2020-10-28T15:57:56.4744799-04:00 0HM3REVINVSJI:00000008 [INF] Executing HttpStatusCodeResult, setting HTTP status code 401 (e28ccfae)

2020-10-28T15:57:56.4745440-04:00 0HM3REVINVSJI:00000008 [INF] Executed action "UniversalDashboard.Controllers.UDDashboardController.Index (Universal.Server)" in 126.4716ms (afa2e885)

2020-10-28T15:57:56.4745657-04:00 0HM3REVINVSJI:00000008 [INF] Executed endpoint '"UniversalDashboard.Controllers.UDDashboardController.Index (Universal.Server)"' (99874f2b)

2020-10-28T15:57:56.4746591-04:00 0HM3REVINVSJI:00000008 [INF] Request finished in 531.9657ms 401 (791a596a)

2020-10-28T15:57:56.5501688-04:00 0HM3REVINVSJI:00000009 [INF] Request starting HTTP/1.1 GET https://supportdashboard.company.com:82/login?returnurl=/dashboard/supportdashboard (ca22a1cb)

2020-10-28T15:57:56.6782423-04:00 0HM3REVINVSJI:00000009 [INF] /login (68a5683a)

2020-10-28T15:57:56.6788339-04:00 0HM3REVINVSJI:00000009 [INF] Request finished in 128.6704ms 200 text/html (791a596a)

2020-10-28T15:58:02.5734901-04:00 0HM3REVINVSJI:0000000A [INF] Request starting HTTP/1.1 GET https://supportdashboard.company.com:82/api/v1/dashboard/diagnostics/sessions (ca22a1cb)

2020-10-28T15:58:02.7000819-04:00 0HM3REVINVSJI:0000000A [INF] Authorization failed. (b15dd539)

2020-10-28T15:58:02.7001469-04:00 0HM3REVINVSJI:0000000A [INF] AuthenticationScheme: "Cookies" was challenged. (d45f1f38)

2020-10-28T15:58:02.7001646-04:00 0HM3REVINVSJI:0000000A [INF] AuthenticationScheme: "Bearer" was challenged. (d45f1f38)

2020-10-28T15:58:02.7001784-04:00 0HM3REVINVSJI:0000000A [INF] AuthenticationScheme: "Negotiate" was challenged. (d45f1f38)

2020-10-28T15:58:02.8256592-04:00 0HM3REVINVSJI:0000000A [INF] Authorization failed. (b15dd539)

2020-10-28T15:58:02.8257242-04:00 0HM3REVINVSJI:0000000A [INF] AuthenticationScheme: "Cookies" was challenged. (d45f1f38)

2020-10-28T15:58:02.8257451-04:00 0HM3REVINVSJI:0000000A [INF] AuthenticationScheme: "Bearer" was challenged. (d45f1f38)

2020-10-28T15:58:02.8257565-04:00 0HM3REVINVSJI:0000000A [INF] AuthenticationScheme: "Negotiate" was challenged. (d45f1f38)

2020-10-28T15:58:02.8258589-04:00 0HM3REVINVSJI:0000000A [INF] Request finished in 252.3871ms 401 (791a596a)

2020-10-28T15:58:02.8468288-04:00 0HM3REVINVSJI:0000000B [INF] Request starting HTTP/1.1 GET https://supportdashboard.company.com:82/api/v1/dashboard/diagnostics/sessions (ca22a1cb)

2020-10-28T15:58:02.8482455-04:00 0HM3REVINVSJI:0000000B [INF] None (61c24651)

2020-10-28T15:58:02.8485424-04:00 0HM3REVINVSJI:0000000B [INF] Evaluting claims for DOMAIN\USERNAME (71bc73d4)

2020-10-28T15:58:02.8643222-04:00 0HM3REVINVSJI:0000000B [INF] DOMAIN\USERNAME is part of role Administrator (a51f0f8a)

2020-10-28T15:58:02.8974639-04:00 0HM3REVINVSJI:0000000B [INF] DOMAIN\USERNAME is part of role VALID_AD (61c7e190)

2020-10-28T15:58:03.0242141-04:00 0HM3REVINVSJI:0000000B [INF] Evaluting claims for DOMAIN\USERNAME (71bc73d4)

2020-10-28T15:58:03.0415673-04:00 0HM3REVINVSJI:0000000B [INF] DOMAIN\USERNAME is part of role Administrator (a51f0f8a)

2020-10-28T15:58:03.0765804-04:00 0HM3REVINVSJI:0000000B [INF] DOMAIN\USERNAME is part of role VALID_AD (61c7e190)

2020-10-28T15:58:03.0767431-04:00 0HM3REVINVSJI:0000000B [INF] Authorization was successful. (0d575a54)

2020-10-28T15:58:03.0767774-04:00 0HM3REVINVSJI:0000000B [INF] Executing endpoint '"UniversalAutomation.DashboardController.GetTotalSessions (Universal.Server)"' (500cc934)

2020-10-28T15:58:03.0768313-04:00 0HM3REVINVSJI:0000000B [INF] Route matched with "{action = \"GetTotalSessions\", controller = \"Dashboard\"}". Executing controller action with signature "System.

Threading.Tasks.Task`1[Microsoft.AspNetCore.Mvc.IActionResult] GetTotalSessions()" on controller "UniversalAutomation.DashboardController" ("Universal.Server"). (122b2fdf)

2020-10-28T15:58:03.0791830-04:00 0HM3REVINVSJI:0000000B [INF] Executing JsonResult, writing value of type '"System.Int32"'. (2f513669)

2020-10-28T15:58:03.0793520-04:00 0HM3REVINVSJI:0000000B [INF] Executed action "UniversalAutomation.DashboardController.GetTotalSessions (Universal.Server)" in 2.4898ms (afa2e885)

2020-10-28T15:58:03.0794008-04:00 0HM3REVINVSJI:0000000B [INF] Executed endpoint '"UniversalAutomation.DashboardController.GetTotalSessions (Universal.Server)"' (99874f2b)

2020-10-28T15:58:03.0796998-04:00 0HM3REVINVSJI:0000000B [INF] Request finished in 232.8613ms 200 application/json; charset=utf-8 (791a596a)

2020-10-28T15:58:48.3543272-04:00 0HM3REVINVSJI:0000000C [INF] Request starting HTTP/1.1 POST https://supportdashboard.company.com:82/api/v1/signin?returnurl=/dashboard/supportdashboard application/json 57 (ca22a1cb)

2020-10-28T15:58:48.3544540-04:00 0HM3REVINVSJI:0000000C [INF] CORS policy execution successful. (5409d6ef)

2020-10-28T15:58:48.5001774-04:00 0HM3REVINVSJI:0000000C [INF] Executing endpoint '"UniversalDashboard.Controllers.AuthenticationController.SignIn (Universal.Server)"' (500cc934)

2020-10-28T15:58:48.5003002-04:00 0HM3REVINVSJI:0000000C [INF] Route matched with "{action = \"SignIn\", controller = \"Authentication\"}". Executing controller action with signature "System.Threading.Tasks.Task`1[Mi

crosoft.AspNetCore.Mvc.IActionResult] SignIn(UniversalDashboard.Controllers.Credential)" on controller "UniversalDashboard.Controllers.AuthenticationController" ("Universal.Server"). (122b2fdf)

2020-10-28T15:58:48.6841245-04:00 0HM3REVINVSJI:0000000C [ERR] Did not receive authentication result.

Could not find a part of the path 'C:\test\adlogin.txt'.

at <ScriptBlock>, <No file>: line 51

Cannot convert value "False" to type "Security.AuthenticationResult". Error: "Invalid cast from 'System.Boolean' to 'Security.AuthenticationResult'."

at <ScriptBlock>, <No file>: line 58 (bbadc378)

2020-10-28T15:58:48.6842627-04:00 0HM3REVINVSJI:0000000C [INF] Executing JsonResult, writing value of type '"<>f__AnonymousType0`1[[System.String, System.Private.CoreLib, Version=4.0.0.0, Culture=neutral, PublicKeyTo

ken=7cec85d7bea7798e]]"'. (2f513669)

2020-10-28T15:58:48.6844120-04:00 0HM3REVINVSJI:0000000C [INF] Executed action "UniversalDashboard.Controllers.AuthenticationController.SignIn (Universal.Server)" in 184.0693ms (afa2e885)

2020-10-28T15:58:48.6844372-04:00 0HM3REVINVSJI:0000000C [INF] Executed endpoint '"UniversalDashboard.Controllers.AuthenticationController.SignIn (Universal.Server)"' (99874f2b)

2020-10-28T15:58:48.6844959-04:00 0HM3REVINVSJI:0000000C [INF] Request finished in 330.1871ms 200 application/json; charset=utf-8 (791a596a)

This seems like a bug. We’ve done some work in 1.5 to correct some authentication stuff and it seems like we might need to port that back to 1.4. If you want to see if 1.5 solves the issue, the latest nightly build has the auth fixes. I’ll open an issue for 1.4 to track this.

Thanks for the reply.

I’ll give the nightly build a try, but we can’t run it in prod.
It would be great to see this ported back to 1.4 if the release timeline for 1.5 is far out there.

Do you have an eta for release of 1.5 (or if the fix is getting ported back to 1.4, when the version with the fix will be released)?

Thanks again!

We’re looking at merging a couple of the auth fixes to 1.4 for a 1.4.8 release next week.