I have installed Sentry On-Premise (Docker-based installation) on our on-premise Linux servers (behind a firewall). I have set the reverse proxy URL(from Azure AD) as the ROOT URL. Hence users are able to register and access SENTRY from the URL.
But the issue is that the events from the client side are not flowing to Sentry, although the SDK has been installed on the client-side and necessary configuration is made.
But looking closely, As per the documentation, since Sentry is Behind a firewall, we would need to set SENTRY_PUBLIC = True
But unfortunately, I was unable to do so.
I tried to set it in sentry.conf.py file and executed docker-compose build and docker-compose up -d, but it did not replicate the changes.
Kindly advise me if I am trying to do something wrong over here.
Does SENTRY_PUBLIC = True need to be set in my case?
Please let me know if any further information is needed.
Thanks in Advance.
I don’t think this setting applies to you, the docs are a bit misleading there (lack of context around this setting). I’d check my SDK configuration and the DSNs set in them.
django.core.exceptions.ImproperlyConfigured: You must configure ``cache.backend``.
This is the error I seem to be facing.
How do I resolve this error? Any suggestions?
I removed the sentry.conf.py file and executed docker-compose build and docker-compose up -d
Still no use.
Kindly advice.
Coming back to the original issue.
We have followed the instructions based on ‘React Native | Sentry Documentation’
The DSN is configured on our index.tsx file. which looks something like:
This looks suspicious, why is it issuing a 302 redirect? I think Azure AD proxy is requiring auth then not accepting the bearer token for some reason and issuing a redirect to the interactive login page.
You are absolutely correct. We found out that the Bearer token being used here is the ‘Auth-Token’ which we created from Sentry, rather than the Access Token which was provided by the Azure AD. We are working to resolve this issue.
I would appreciate if you can provide links to any documentation (if available) that mentions about seamlessly integrating Azure AD with Sentry.
So yes, OnPremise is installed on a server that requires Azure AD to be accessible. Nor me, nor my colleagues could not find any relevant documentation about providing additional auth headers(especially for our stack, which would be OnPremise on the company server/PC and React Native apps).
So I am correct to assume we need to open the self-hosted sentry for it to work(by removing Azure AD auth requirement)?
Also, this would mean that we would need to extend sentry functionality for our needs for our stack to allow the usage of Azure AD?
The nodejs version of Sentry seems to have possibility (not tested, just browsing the source code) be adjusted to add headers through the transportOptions.headers.
To add here the iOS version of the native code.
I could not find from iOS or Android native code a way to add custom headers, so it would require changes for both of those and the RN native module to pass such information.
The sentry-cli implementation I didn’t check how it makes the requests to the api path. But obviously would require parameters for cli for custom headers, but then again getting token for the AD will be a bit problematic for server side as it would be DevOps Pipelines running the command. Would need to be some persisting token.
