docker-registry-web icon indicating copy to clipboard operation
docker-registry-web copied to clipboard

Published 20 hours ago verified publisher icon mkuchin

unauthorized: authentication required

Open nalingarg2 opened this issue 8 years ago • 3 comments

I have given admin/admin all the read/write permission but when i do : docker push -p admin localhost:5000/admin/alpine i get The push refers to a repository [localhost:5000/admin/alpine] 60ab55d3379d: Preparing unauthorized: authentication required

I think i am doing something fundamentally wrong but could you please help me. Thanks! PS: "docker ps" gives localhost:5000/alpine latest 88e169ea8f46 2 weeks ago 3.984 MB

nalingarg2 avatar Jan 11 '17 00:01 nalingarg2

Could you please provide your docker registry logs and config files for docker registry and docker-registry-web ?

mkuchin avatar Jan 11 '17 01:01 mkuchin

I have the same issue when I try to login using docker login HOST

here is what I have in my registry's logs:

time="2017-01-08T11:20:23.965127557Z" level=warning msg="error authorizing context: authorization token required" go.version=go1.6.3 http.request.host=docker.company.com http.request.id=134f0c06-f992-4066-9d22-07e33993ecba http.request.method=GET http.request.remoteaddr=xxx.xxx.xxx.xxx http.request.uri="/v2/" http.request.useragent="docker/1.12.5 go/go1.6.4 git-commit/7392c3b kernel/4.4.39-boot2docker os/linux arch/amd64 UpstreamClient(Docker-Client/1.12.5 \\(darwin\\))" instance.id=a576384c-4284-4d8d-a724-dd2e3d48c47c version=v2.5.1
172.20.0.4 - - [12/Jan/2017:11:20:23 +0000] "GET /v2/ HTTP/1.1" 401 87 "" "docker/1.12.5 go/go1.6.4 git-commit/7392c3b kernel/4.4.39-boot2docker os/linux arch/amd64 UpstreamClient(Docker-Client/1.12.5 \\(darwin\\))"

My docker registry conf:

version: 0.1

storage:
  filesystem:
    rootdirectory: /registry
  delete:
    enabled: true

http:
  addr: 0.0.0.0:5000

auth:
  token:
    realm: https://docker.company.com/api/auth
    service: localhost:5000
    issuer: test
    rootcertbundle: /etc/docker/registry/auth.cert

log:
  level: info

notifications:
  endpoints:
    - name: listener
      url: https://docker.company.com/api/notification
      timeout: 500ms
      threshold: 5
      backoff: 1s

docker-registry-web config :

registry:
   url: http://docker.company.com:5000/v2
   name: localhost:5000
   readonly: false
   auth:
     enabled: true
     key: /conf/auth.key
     issuer: test

gpapin avatar Jan 12 '17 11:01 gpapin

The weird thing is the logs from the web ui, it looks like there is a anonymous access required:

registry-web     | 2017-01-12 12:14:32,497 [http-bio-8080-exec-3] INFO  web.AuthService  - Anonymous access requested
registry-web     | 2017-01-12 12:14:32,512 [http-bio-8080-exec-3] INFO  api.AuthController  - Scope: null
registry-web     | 2017-01-12 12:14:32,512 [http-bio-8080-exec-3] INFO  api.AuthController  - Translated scope list: []

At least the 2 docker images talk to each other but I can't figure out with the registry is not forwarding the credentials...

gpapin avatar Jan 12 '17 12:01 gpapin