Sunstone 6.0.0.2 auth remote not working

hi,

sunstone auth remote is not working on sunstone 6.0.0.2.

steps to reproduce:

  1. goto sunstone website with your browser
  2. login using apache/sso credentials
  3. click on Login produces red box:

OpenNebula is not running or there was a server exception. Please check the server logs.

and browser js console says

POST
	https://<sunstone-web>/login
Status500
Internal Server Error
  1. refreshing page (F5) finally logs user in

there is an error in journalctl

NoMethodError - undefined method `match' for nil:NilClass:
         /usr/lib/one/sunstone/sunstone-server.rb:548:in `build_session'
         /usr/lib/one/sunstone/sunstone-server.rb:831:in `block in <main>'
         /usr/share/one/gems-dist/gems/sinatra-2.1.0/lib/sinatra/base.rb:1675:in `call'
         /usr/share/one/gems-dist/gems/sinatra-2.1.0/lib/sinatra/base.rb:1675:in `block in compile!'
         /usr/share/one/gems-dist/gems/sinatra-2.1.0/lib/sinatra/base.rb:1013:in `block (3 levels) in route!'
         /usr/share/one/gems-dist/gems/sinatra-2.1.0/lib/sinatra/base.rb:1032:in `route_eval'
         /usr/share/one/gems-dist/gems/sinatra-2.1.0/lib/sinatra/base.rb:1013:in `block (2 levels) in route!'
         /usr/share/one/gems-dist/gems/sinatra-2.1.0/lib/sinatra/base.rb:1061:in `block in process_route'
         /usr/share/one/gems-dist/gems/sinatra-2.1.0/lib/sinatra/base.rb:1059:in `catch'
         /usr/share/one/gems-dist/gems/sinatra-2.1.0/lib/sinatra/base.rb:1059:in `process_route'
         /usr/share/one/gems-dist/gems/sinatra-2.1.0/lib/sinatra/base.rb:1011:in `block in route!'
         /usr/share/one/gems-dist/gems/sinatra-2.1.0/lib/sinatra/base.rb:1008:in `each'
         /usr/share/one/gems-dist/gems/sinatra-2.1.0/lib/sinatra/base.rb:1008:in `route!'
         /usr/share/one/gems-dist/gems/sinatra-2.1.0/lib/sinatra/base.rb:1129:in `block in dispatch!'
         /usr/share/one/gems-dist/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `block in invoke'
         /usr/share/one/gems-dist/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `catch'
         /usr/share/one/gems-dist/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `invoke'
         /usr/share/one/gems-dist/gems/sinatra-2.1.0/lib/sinatra/base.rb:1124:in `dispatch!'
         /usr/share/one/gems-dist/gems/sinatra-2.1.0/lib/sinatra/base.rb:939:in `block in call!'
         /usr/share/one/gems-dist/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `block in invoke'
         /usr/share/one/gems-dist/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `catch'
         /usr/share/one/gems-dist/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `invoke'
         /usr/share/one/gems-dist/gems/sinatra-2.1.0/lib/sinatra/base.rb:939:in `call!'
         /usr/share/one/gems-dist/gems/sinatra-2.1.0/lib/sinatra/base.rb:929:in `call'
         /usr/share/one/gems-dist/gems/rack-2.2.3/lib/rack/common_logger.rb:38:in `call'
         /usr/share/one/gems-dist/gems/sinatra-2.1.0/lib/sinatra/base.rb:253:in `call'
         /usr/share/one/gems-dist/gems/rack-2.2.3/lib/rack/deflater.rb:44:in `call'
         /usr/share/one/gems-dist/gems/rack-2.2.3/lib/rack/session/abstract/id.rb:266:in `context'
         /usr/share/one/gems-dist/gems/rack-2.2.3/lib/rack/session/abstract/id.rb:260:in `call'
         /usr/share/one/gems-dist/gems/rack-protection-2.1.0/lib/rack/protection/xss_header.rb:18:in `call'
         /usr/share/one/gems-dist/gems/rack-protection-2.1.0/lib/rack/protection/path_traversal.rb:16:in `call'
         /usr/share/one/gems-dist/gems/rack-protection-2.1.0/lib/rack/protection/json_csrf.rb:26:in `call'
         /usr/share/one/gems-dist/gems/rack-protection-2.1.0/lib/rack/protection/base.rb:50:in `call'
         /usr/share/one/gems-dist/gems/rack-protection-2.1.0/lib/rack/protection/frame_options.rb:31:in `call'
         /usr/share/one/gems-dist/gems/rack-2.2.3/lib/rack/null_logger.rb:11:in `call'
         /usr/share/one/gems-dist/gems/rack-2.2.3/lib/rack/head.rb:12:in `call'
         /usr/share/one/gems-dist/gems/rack-2.2.3/lib/rack/method_override.rb:24:in `call'
         /usr/share/one/gems-dist/gems/sinatra-2.1.0/lib/sinatra/base.rb:216:in `call'
         /usr/share/one/gems-dist/gems/sinatra-2.1.0/lib/sinatra/base.rb:1991:in `call'
         /usr/share/one/gems-dist/gems/sinatra-2.1.0/lib/sinatra/base.rb:1542:in `block in call'
         /usr/share/one/gems-dist/gems/sinatra-2.1.0/lib/sinatra/base.rb:1769:in `synchronize'
         /usr/share/one/gems-dist/gems/sinatra-2.1.0/lib/sinatra/base.rb:1542:in `call'
         /usr/share/one/gems-dist/gems/thin-1.8.0/lib/thin/connection.rb:86:in `block in pre_process'
         /usr/share/one/gems-dist/gems/thin-1.8.0/lib/thin/connection.rb:84:in `catch'
         /usr/share/one/gems-dist/gems/thin-1.8.0/lib/thin/connection.rb:84:in `pre_process'
         /usr/share/one/gems-dist/gems/thin-1.8.0/lib/thin/connection.rb:50:in `block in process'
         /usr/share/one/gems-dist/gems/eventmachine-1.2.7/lib/eventmachine.rb:1077:in `block in spawn_threadpool'

there is some problem with sunstone-server.rb:548 line:

request.env[‘HTTP_AUTHORIZATION’].match(…)

there is no HTTP_AUTHORIZATION environment variable during the first run. maybe some weird problem with javascript call. commenting out lines sunstone-server.rb:546-559 fixes the problem.

i expect user logs in sucessfully on the first run, withnout refreshing the page. this worked on 5.12.0.3.

running sunstone on:
Linux nuada-dev 4.19.0-14-cloud-amd64 #1 SMP Debian 4.19.171-2 (2021-01-30) x86_64 GNU/Linux
Debian GNU/Linux 10 (buster)
behind Apache/2.4.38 proxy, forwarding REMOTE_USER as X-Auth-Username

please send any hints or fix the code.

thanks
jan