FusionAuth
    • Home
    • Categories
    • Recent
    • Popular
    • Pricing
    • Contact us
    • Docs
    • Login
    1. Home
    2. hamza.chouaibi
    H
    • Profile
    • Following 0
    • Followers 0
    • Topics 1
    • Posts 3
    • Best 0
    • Controversial 0
    • Groups 0

    hamza.chouaibi

    @hamza.chouaibi

    0
    Reputation
    1
    Profile views
    3
    Posts
    0
    Followers
    0
    Following
    Joined Last Online
    hamza.chouaibi Unfollow Follow

    Latest posts made by hamza.chouaibi

    • RE: FusionAuth setting wrong domain the the cookie

      @mark-robustelli

      Here is a detailed explanation of my tests.

      Modifying /etc/hosts

      I added the following entries to my /etc/hosts file:

      127.0.0.1   auth.domain.test
127.0.0.1   app.domain.test

      Nginx Proxy Configuration

      Authentication Service

      server {
    listen 443;
    server_name auth.domain.test;
    ssl_certificate     /etc/nginx/conf.d/ssl/localhost.crt;
    ssl_certificate_key /etc/nginx/conf.d/ssl/localhost.key;

    location / {
        proxy_pass http://EC2-instance-IP:9011;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header "X-Forwarded-Port" "80";
        proxy_http_version 1.1;
    }
}

      Application Service

      server {
    listen 443;
    server_name app.domain.test;
    ssl_certificate     /etc/nginx/conf.d/ssl/localhost.crt;
    ssl_certificate_key /etc/nginx/conf.d/ssl/localhost.key;

    location / {
        proxy_pass http://app-container:4200;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

      Testing Different TLDs

      I then replaced the .test TLD with several alternatives to determine which ones worked in this local setup. The tested TLDs and their outcomes are summarized in the table below:

      TLD Result
      .local Failed
      .test Failed
      .internal Failed
      .net Succeeded
      .org Succeeded
      .com Succeeded

      Nothing changed in all the tests except the TLDs, so I doubt it's an issue with the proxy.

      We deciced to use .net for our local dev env and this working fine now for all our develpers.

      posted in Q&A
      H
      hamza.chouaibi
    • RE: FusionAuth setting wrong domain the the cookie

      @mark-robustelli Thank you for ther reply.

      There is my setup.

      Local dev environement all running on docker containers with one Nginx acting as proxy for all of them.

      All the custom domain are set in /etc/hosts
      All domains running on SSL with self signed certificate.

      For each test I only change the tld
      so it's
      Application: https://app.domain.tld
      FusionAuth: https://auth.domain.tld

      Tested with these .test. .local, .test. and .net

      .local, .test amd .internal ending up in errors with the domain test or local

      .net, .com and org both woks

      for .dev can't even get the SSL to work

      We will just use one of the working tld at the moment for all our dev stack.

      The only thing in common that I can find for these tls is that they are listed as Reserved domains in https://en.wikipedia.org/wiki/Top-level_domain

      posted in Q&A
      H
      hamza.chouaibi
    • FusionAuth setting wrong domain the the cookie

      I am using custom local domains.

      https://auth.domain.test <= FusionAuth
      https://app.domain.test <= Angular app

      I also tried FusionAuth at https://auth.app.domain.test but I still get the same issue and chrome block the cookie.

      I am getting issue with cookies, the domain on cookies is test.

      Example: app.at_exp=1742980022; Domain=test; Max-Age=3599; Path=/; SameSite=Lax; Secure

      Any idea why we endup wuth Domain=test ?

      posted in Q&A
      H
      hamza.chouaibi