Hello,
Is the WebContextUrl value set correctly?
You will need to set this if the url you are trying to access Portal on is different from the machine name, eg if there is a CNAME or alias.
If you check the network traffic, do you see a 302? If so, what does the Location header return? Sounds like your LB may be updating the Location header incorrectly.
Thanks Jonathan for the reply, that is my suspicion also, we have an apache load balancer and reverse proxy - so almost 2 proxies so I rekon the headers are been joined somewhere enroute. I'm sitting down with our Apache guy today who setup the loadbalancer and the reversproxy to look at the redirects and the headers to take a look and see what we can do .
Spotted this on the Apache site @
Hi Jonathan,
Still working on this issue and I'm at a dead end ... We resolved the issue (partially) above by doing urlrewrite to omit the <comma> <space> <loadbalncer url and now my sharing rest login works. However I feel that this has only resolved the login issue and the redirects using the headers are causing all raster analytics gp tasks to fail (sample error code at the end). I managed to change the redirect-uri by adding ProxyAddHeaders Off and RequestHeader unset X-Forwarded-Host, RequestHeader unset X-Forwarded-For, RequestHeader unset X-Forwarded-Server - to the loadbalancer config, this resulted in the redirect_uri changing to only he internal loadbalancer address - which is of no use. Was not able to make any difference by changing the public facing reverse proxy configs .. so we opted for the Rewrite. So now when I run a rasteranalytics task I get and error that indicates that the response json is incorrect or empty ? I'm assuming because its not getting a response possibly? ** the internal address of teh analytics server is being returned in the error .. Any ideas please . Is there a way to capture the traffic to diagnose this ? .. I had planned to add some python outpt messages in teh offending .py files listed below to see a bit more of whatt was beeing sent around... but was reluctant until I asked the question.
Job Status: esriJobFailed
Job Messages:
esriJobMessageTypeInformative: Submitted.
esriJobMessageTypeInformative: Executing...
esriJobMessageTypeInformative: Start Time: Tuesday, October 19, 2021 4:06:17 PM
esriJobMessageTypeInformative: Raster Analytics helper service: https://<MY RASTER ANALYTICS SERVER>:6443/arcgis
esriJobMessageTypeInformative: Failed script BuildOverview...
esriJobMessageTypeError: Traceback (most recent call last): File "E:\Program Files\ArcGIS\Server\framework\runtime\ArcGIS\Resources\ArcToolBox\Services\Scripts\BuildOverview.py", line 15, in <module> import rasterutils File "E:\Program Files\ArcGIS\Server\framework\runtime\ArcGIS\Resources\ArcToolBox\Services\Scripts\rasterutils.py", line 153, in <module> RUN_ON_AGOL = isAGOL() File "E:\Program Files\ArcGIS\Server\framework\runtime\ArcGIS\Resources\ArcToolBox\Services\Scripts\rasterutils.py", line 143, in isAGOL msgjson = r.json() File "E:\Program Files\ArcGIS\Server\framework\runtime\ArcGIS\bin\Python\envs\arcgispro-py3\Lib\site-packages\requests\models.py", line 898, in json return complexjson.loads(self.text, **kwargs) File "E:\Program Files\ArcGIS\Server\framework\runtime\ArcGIS\bin\Python\envs\arcgispro-py3\Lib\json\__init__.py", line 354, in loads return _default_decoder.decode(s) File "E:\Program Files\ArcGIS\Server\framework\runtime\ArcGIS\bin\Python\envs\arcgispro-py3\Lib\json\decoder.py", line 339, in decode obj, end = self.raw_decode(s, idx=_w(s, 0).end()) File "E:\Program Files\ArcGIS\Server\framework\runtime\ArcGIS\bin\Python\envs\arcgispro-py3\Lib\json\decoder.py", line 357, in raw_decode raise JSONDecodeError("Expecting value", s, err.value) from None json.decoder.JSONDecodeError: Expecting value: line 1 column 1 (char 0)
esriJobMessageTypeError: Failed to execute (BuildOverview).
esriJobMessageTypeInformative: Failed at Tuesday, October 19, 2021 4:06:18 PM (Elapsed Time: 1.19 seconds)
esriJobMessageTypeError: Failed.
Hi
There is the same issue on our system. Made an IT Support Issue. They suspect it's an entry (urlrewrite) in our proxy. But there is none in that case. We double checked it . Otherwise, rewrites would generally have to be made with the DNS alias (in relation to authorization forwarding)
I know we had the issue in 10.8 and found no solution.
Currently we are on ArcGIS Enterprise 10.9.
Here our developer output from the browser:
client_id: arcgisonline
display: default
response_type: code
expiration: 20160
locale: en-us
force_login: true
hideCancel: true
showSignupOption: false
redirect_uri: https://<DNS_ALIAS>, <DNSALIAS>/portal/sharing/rest/login?
It's a comment separated list which is passed (i sanitarised it). Comma and Space = ,%20
The first entry is with https added (looks like WebContext), the second without https.
Maybe an upgrade issue? We need also help here. Thanks
Best regards
Max
Hi Max, we are working on this today so I'll update if we have any sucess
hi
did you check the following https://localhost:7443/arcgis/portaladmin/security/oauth/getAppInfo
Hi thanks for replying .. yep I checked this and its all good, but thanks
Hi
we fixed this issue as follows:
<Location /portal>
RequestHeader unset X-Forwarded-Host
RequestHeader unset X-Forwarded-Server
</Location>
Background:
The first Proxy or LB is used to set the header and add one value. The second Proxy adds a second value:
Reverseproxy 1
↓ X-Forwarded-Host: hostname1
Reverseproxy 2
↓ X-Forwarded-Host: hostname1, hostname2
…
Reverseproxy N
↓ X-Forwarded-Host: hostname1, hostname2, …,hostnameN
Backend
Due to the Request Header "unset" directive the current value will be deleted thus only one value is received by the backend:
Reverseproxy 1
↓ X-Forwarded-Host: hostname1
Reverseproxy 2
↓ X-Forwarded-Host: hostname1, hostname2
…
Reverseproxy N (RequestHeader unset X-Forwarded-Host)
↓ X-Forwarded-Host: hostnameN
Backend
Same with X-Forwarded-Server Header.
Hope this helps.
Best regards
Max