我已尝试在示例 node.js 应用程序上使用 express 和 Microsoft 身份验证设置单点登录。
这是步骤和源代码链接
当我在本地运行时,它可以正常工作。当我保留在 kubernetes 中并使用负载均衡器服务 IP 直接访问时,它可以正常工作。但是,当我在 Azure Ubuntu 计算机中部署 k3s VM 并将 Azure 应用网关保留在同一网络中并配置流量以路由到此负载均衡器 IP 时,它会转到登录页面。
但是当我单击“登录”按钮时,出现502 Bad Gateway错误。
当我点击刷新时,日志中出现错误。这是发生错误时的 pod 日志。
onocspresponse: [Function: onocspresponse], onnewsession: [Function: onnewsessionclient], onerror: [Function: onerror], [Symbol(owner_symbol)]: [Circular *1] }, _requestCert: true, _rejectUnauthorized: true, parser: null, _httpMessage: [Circular *2], [Symbol(res)]: TLSWrap { _parent: TCP { reading: [Getter/Setter], onconnection: null, [Symbol(owner_symbol)]: [Circular *1] }, _parentWrap: undefined, _secureContext: SecureContext { context: SecureContext {} }, reading: true, onkeylog: [Function: onkeylog], onhandshakestart: {}, onhandshakedone: [Function (anonymous)], onocspresponse: [Function: onocspresponse], onnewsession: [Function: onnewsessionclient], onerror: [Function: onerror], [Symbol(owner_symbol)]: [Circular *1] }, [Symbol(verified)]: true, [Symbol(pendingSession)]: null, [Symbol(async_id_symbol)]: 76, [Symbol(kHandle)]: TLSWrap { _parent: TCP { reading: [Getter/Setter], onconnection: null, [Symbol(owner_symbol)]: [Circular *1] }, _parentWrap: undefined, _secureContext: SecureContext { context: SecureContext {} }, reading: true, onkeylog: [Function: onkeylog], onhandshakestart: {}, onhandshakedone: [Function (anonymous)], onocspresponse: [Function: onocspresponse], onnewsession: [Function: onnewsessionclient], onerror: [Function: onerror], [Symbol(owner_symbol)]: [Circular *1] }, [Symbol(lastWriteQueueSize)]: 0, [Symbol(timeout)]: null, [Symbol(kBuffer)]: null, [Symbol(kBufferCb)]: null, [Symbol(kBufferGen)]: null, [Symbol(kCapture)]: false, [Symbol(kSetNoDelay)]: false, [Symbol(kSetKeepAlive)]: true, [Symbol(kSetKeepAliveInitialDelay)]: 60, [Symbol(kBytesRead)]: 0, [Symbol(kBytesWritten)]: 0, [Symbol(connect-options)]: { rejectUnauthorized: true, ciphers: 'TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA256:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!SRP:!CAMELLIA', checkServerIdentity: [Function: checkServerIdentity], minDHSize: 1024, maxRedirects: 21, maxBodyLength: Infinity, protocol: 'https:', path: null, method: 'GET', headers: [Object: null prototype] { To bottom Logs from 9/12/2023, 11:19:18 AM