Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / phosphor-webui / f2127efa1b7d1c9fc1625f6e30b75be0ed658d53
commitf2127efa1b7d1c9fc1625f6e30b75be0ed658d53[log] [tgz]
authorWiktor Gołgowski <wiktor.golgowski@intel.com>Tue Dec 10 12:46:45 2019 +0100
committerWiktor Gołgowski <wiktor.golgowski@intel.com>Mon Dec 16 13:45:09 2019 +0100
tree714caa1ced867c86e85026b447f0670c4bee8b71
parent86f4056a2dfee6fced5b5b03de04a7ef9c33d74f [diff]
User logged in when IsAuthenticated cookie is set.

Related to https://gerrit.openbmc-project.xyz/c/openbmc/bmcweb/+/27270

Currently the only condition checked when user is logged in was the
"LOGIN_ID" value in browser session storage. The only place in the code
where it is set is the Basic Authorization flow.

In case of mTLS authentication, we are not able to set session storage
value. This is why additional 'IsAuthenticated' cookie is added.

In the case when user session expires, the failing XHR should cause the
page to redirect to the login prompt. Additionally, IsAuthenticated
cookie is removed to disable redirection.

Tested: verified the flow with the mTLS changes. User is put in the
webUI interface without login prompt when using mTLS authentication. If
the authentication fails, browser redirects to the login page.

Signed-off-by: Wiktor Gołgowski <wiktor.golgowski@intel.com>
Change-Id: Ia7061f3e146c6547d4bfdf42940150b1a5c06903
2 files changed
tree: 714caa1ced867c86e85026b447f0670c4bee8b71
  1. app/
  2. .clang-format
  3. .gitignore
  4. config.json
  5. format-code.sh
  6. karma.conf.js
  7. LICENSE
  8. MAINTAINERS
  9. package-lock.json
  10. package.json
  11. postcss.config.js
  12. README.md
  13. sonar-project.properties
  14. webpack.config.js
README.md

OpenBMC Web User Interface

The OpenBMC WebUI is a Web-based user interface for the OpenBMC firmware stack. The WebUI uses AngularJS. Features include:

  • View system overview data such as model information and serial number
  • View and manage event logs
  • Inventory data
  • Sensor data
  • Power On/Off server operations
  • Reboot BMC
  • SOL console
  • Remote KVM
  • Virtual media
  • Date and time settings
  • IPv4 network settings
  • Manage and update BMC and Host firmware
  • LDAP
  • SSL certificates
  • Local user management

Requirements

nodejs (>= 4.2.6) npm (>= 6.0.1)

Note The default installation of your Linux distro may not come with the required versions above. See the following for more information on updating:

https://docs.npmjs.com/troubleshooting/try-the-latest-stable-version-of-node https://docs.npmjs.com/troubleshooting/try-the-latest-stable-version-of-npm

Installation

npm install

Note This must be run from within the phosphor-webui git repository.

Running locally

npm run-script server

This will start a server instance and begin listening for connections at http://localhost:8080. This development server provides live reloading on code changes. NOTE: Browsing to https://<BMC> and accepting the self-signed certificate might be required to prevent your browser from blocking traffic to the BMC.

Logging in

Enter the BMC Host or BMC IP address, username, and password. The default username and password are root/0penBmc.

Note that some OpenBMC implementations use bmcweb for its backend. For security reasons, bmcweb will need to be recompiled and loaded onto the target BMC Host before the above redirect command will work. The option to turn on within bmcweb is BMCWEB_INSECURE_DISABLE_XSS_PREVENTION. In order to test locally, you will also need to disable CSRF by turning on BMCWEB_INSECURE_DISABLE_CSRF_PREVENTION.