OSS Repository UI has no menu

The OSS Repository 3.25.1-04 UI has no menus after login. The only user that can login is ‘admin’, yet the admin has no menus.
The password for admin works correctly, however if I go to a known menu, i.e. https://:8443/#admin/repository it prompts for the admin password. Yet the password that allowed me to login as admin, doesn’t work at https://:8443/#admin/repository or any other known menu.

I upgraded the system to 3.37.3-02, and the problem remains.

It sounds to me like your admin user has no admin permissions somehow. Checkout this support article: https://support.sonatype.com/hc/en-us/articles/213467158-How-to-reset-a-forgotten-admin-password-in-Nexus-3-x

Ultimately I think you’re going to have to modify some database records to give your user back the appropriate permissions (Step 6 in the OrientDB instructions).

Another possibility could be that your session cookie isn’t getting from the application server to the browser. That could be the fault of a load balancer or reverse proxy, though I don’t think that’s the problem based on your description.

So we have no load balancer or reverse proxy configured. The httpd is only configured to redirect port http port 80 to https and 443 to the Nexus port 8443.

The issue just started last week. No changes have been made since last August.

Every user has the same issue. It’s not just the admin user. I received a ticket that users could no longer login to the nexus server. When I logged in as admin, there is only a basic menu structure where I can change the password of admin.

I will use the document to reset the admin password. This could be the issue as the last time I was on the system it was to change the root password, and update the admin password. That was last August. The system was fine until last week.

@mmartz Okay… So I followed the instructions in https://support.sonatype.com/hc/en-us/articles/213467158-How-to-reset-a-forgotten-admin-password-in-Nexus-3-x

However, I go to https://:8443, select “Login”, it still takes my old password, the password ‘admin123’ does not work here. I still have no menus.

But if I go to https://:8443/#admin/repository I get the prompt for username and password. Here, admin and admin123 work! And I get the admin menus! admin123 as a password did not previously work at this url.

Thus there is still a [password] disconnect between the login/password on the main page and the password in the database.

https://:8443 → admin and our password (admin123 pw fails)
https://:8443/#admin/repository admin and admin123 password

I can’t even begin to guess what’s going on there. It almost seems like you are hitting two different instances of repository manager. You could maybe try tailing the request log as you hit the two different endpoints I suppose to see if that reveals anything interesting. Maybe also try hitting https://:8443/#browse/welcome directly to see if that also takes the admin/admin123 password?

Ah, one more thought. Perhaps your security realms are incorrectly ordered or something? If you have ldap configured make sure the local security realms are first in the list of realms as otherwise LDAP could be intercepting the login information. (It’s probably not that, but I’m just taking a shot)

https://:8443/#browse/welcome is the default url when hitting the server (port 80, port 443) is all redirected to here. So only my original password works here. No one else can login.

https://:8443/#admin/repository allows me to login as admin/admin123. I can traverse through all the menus. I made a backup. I’m building another system to see if I can restore the backup to it.

Okay here is the resolution.
We have three Red Hat IPA servers configured within Nexus for authentication. The first one in the list, though up and responding to queries, is not authenticating users. It is stating that the username and password is incorrect. I moved up the next one on the list to the top.

Users and admin can now login from https://:8443/#browse/welcome

Restarted the misbehaving IPA server. It is now functional and authenticates Nexus users.

1 Like