Welcome to the OWASP-SKF chat room, if you need help or have questions then you are at the right place! https://securityknowledgeframework.org You can also ask our Chatbot questions regarding to security vulnerabilities: @botSKF_gitlab what is xss?
if you change it to skfprovider
then you will see the login screen and also where you can register and activate the admin user
@duvaxD Hi, it looks like you have an access issue
are you sure the SKF-API k8s cluster can talk to the other SKF-Labs k8s cluster?
1 reply
I'm troubleshooting the exact same issue that duvax was. Same behavior hung at loading on labs start. same closed connections and gunicorn errors. trying to troubleshoot why the api isn't accepting those api requests.
best i can venture is something is off in the base64 encoded string i put in the docker-compose file for the "- LABS_KUBE_CONF=" line
i only say that also because i see this line saying the string != .kube/config
any loose pointers for getting the api leg up would be greatly appreciated
I am unable to open the lab
its gives me DNS error
Any idea about why I get a 404 on the root page? It's supposed to load /tutorial but doesn't find that dunno why..
So http://localhost redirects to /tutorial which gets the 404 page.
But http://localhost/tutorial/our-application/ for example works..
I started it locally with docker. Thanks for any ideas
Hello, any idea why I am getting 502 from nginx after I set up the k8s installation on Azure ?
The 502 are thrown by any request to the /api end point
The Web Interface is displayed properly
The 502 are thrown by any request to the /api end point
The Web Interface is displayed properly
or did you do it locally or in Azure k8s?
This is looking beautiful and the wording present on this logo which is crated beautifully I liked the gold color used on those words made it look really superb. This is really creative work done by https://www.resumehelpaustralia.com/resumes-planet-review/ designing company to design this wonderful thing.
I noticed the document in 1.1.4 and 1.1.5 are identical on https://demo.securityknowledgeframework.org/checklists/read/1
and send and email on website and have not yet got an answer
@rachidchokri_twitter the stable version is the Kubernetes installation approach for Azure
we also use this for the online demo
I am assuming someone disabled the admin user. Attempting to use it for a homework for one of my college courses.
Sorry to hear, indeed it happens that somebody disables the admin...
You can also just press the skip login button
You cannot delete or edit stuff
But you can do all the rest in skf
Other solution is running it locally
Using docker compose up
Hi there - I've just run through the instructions as https://github.com/blabla1337/skf-flask/tree/main/installations/docker and when I load the localhost site, it loads correctly visually but it just spams calls to localhost/api/user/skip This generates a 502 Bad Gateway response and the browser tab eats up memory and becomes unresponsive. Anyone else seen this before? I'm on Windows 11 and Docker Desktop 4.6.1
Also we made it a bit easier with the upcoming release we plan this week / next week
by default it will skip the login screen now
Hi all,
Did some troubleshooting and I saw that if you use docker but you don't configure the labs yet, the API container fails to build and APIs are therefore not reachable. This causes the 'skip' endpoint spam and the issues with the login.
To solve it I commented the line in
I still have the option to skip the login even tho I put skfprovider as LOGIN parameter.
Did some troubleshooting and I saw that if you use docker but you don't configure the labs yet, the API container fails to build and APIs are therefore not reachable. This causes the 'skip' endpoint spam and the issues with the login.
To solve it I commented the line in
docker-compose.yml where it says LABS_KUBE_CONF. I also removed the volume parameter in skf-api. Don't forget to update the parameter SKF_API_URL.I still have the option to skip the login even tho I put skfprovider as LOGIN parameter.