Announcement

Collapse
No announcement yet.

ipcheck in ox 7.10.1

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Wolfgang Rosenauer
    replied
    Originally posted by markus View Post
    Hi,

    had the same issue upgrading from 7.8 to 7.10. IPCheck has to be disabled when running ox-guard. Ironically ox-guard worked with ipcheck enabled in 7.8...
    If it worked something was broken. By design it just does not work and never should have.

    Leave a comment:


  • markus
    replied
    Hi,

    had the same issue upgrading from 7.8 to 7.10. IPCheck has to be disabled when running ox-guard. Ironically ox-guard worked with ipcheck enabled in 7.8...

    Leave a comment:


  • Wolfgang Rosenauer
    replied
    As I thought. You are using Guard (or at least have it partially included).
    IPCheck needs to be disabled with Guard. There is no other option. And it should be described in the Guard setup documentation (hopefully).

    Leave a comment:


  • pewi
    replied
    Its a fresh installation with ox 7.10.1 on a single server with only basic configuration, for testing purpose before we upgrade from 7.8.4
    If I disable the IPCheck, everything is working fine. There is also no warning because of a different client IP address?!

    Here is the log with IPCheck activated, maybe you can take a look on it, thanks in advance!

    Cache ''ExternalAccountFolders'' is operating in distributed mode
    com.openexchange.ajax.action=list
    com.openexchange.ajax.module=folders
    com.openexchange.database.schema=oxdatabase_5
    com.openexchange.grizzly.method=POST
    com.openexchange.grizzly.queryString=<none>
    com.openexchange.grizzly.remoteAddress=10.8.150.55
    com.openexchange.grizzly.remotePort=49590
    com.openexchange.grizzly.requestURI=/ajax/login
    com.openexchange.grizzly.serverName=ox.privat
    com.openexchange.grizzly.servletPath=/ajax/login
    com.openexchange.grizzly.threadName=OXWorker-0000009
    com.openexchange.grizzly.userAgent=Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0
    com.openexchange.hostname=ox.privat
    com.openexchange.localhost.ipAddress=10.4.150.98
    com.openexchange.localhost.version=7.10.1-Rev3
    com.openexchange.login.authId=aba295a02e214cddbd38 a473c9ef3b36
    com.openexchange.login.client=open-xchange-appsuite
    com.openexchange.login.clientIp=10.8.150.55
    com.openexchange.login.login=USER1
    com.openexchange.login.resolvedLogin=USER1
    com.openexchange.login.userAgent=Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0
    com.openexchange.login.version=7.10.1-4
    com.openexchange.request.trackingId=489730493-244865249
    com.openexchange.session.authId=aba295a02e214cddbd 38a473c9ef3b36
    com.openexchange.session.clientId=open-xchange-appsuite
    com.openexchange.session.contextId=1
    com.openexchange.session.loginName=USER1
    com.openexchange.session.sessionId=f6d03172e5f3426 f8c16148c9e42750c
    com.openexchange.session.userId=3
    com.openexchange.session.userName=USER1
    2018-12-07T13:37:41,251+0100 INFO [OXWorker-0000012] com.openexchange.ajax.ipcheck.IPCheckers.kick(IPCh eckers.java:213)
    Request to server denied (IP check activated) for session: f6d03172e5f3426f8c16148c9e42750c. Client login IP changed from 127.0.0.1 to 10.8.150.55 and is not covered by IP white-list or netmask.
    com.openexchange.grizzly.method=GET
    com.openexchange.grizzly.queryString=action=get&ti mezone=utc&session=f6d03172e5f3426f8c16148c9e42750 c
    com.openexchange.grizzly.remoteAddress=10.8.150.55
    com.openexchange.grizzly.remotePort=49620
    com.openexchange.grizzly.requestURI=/ajax/user
    com.openexchange.grizzly.serverName=ox.privat
    com.openexchange.grizzly.servletPath=/ajax/user
    com.openexchange.grizzly.threadName=OXWorker-0000012
    com.openexchange.grizzly.userAgent=Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0
    com.openexchange.localhost.ipAddress=10.4.150.98
    com.openexchange.localhost.version=7.10.1-Rev3
    com.openexchange.request.trackingId=489730493-244865259
    2018-12-07T13:37:41,338+0100 INFO [OXWorker-0000004] com.openexchange.ajax.SessionUtility.getSession(Se ssionUtility.java:556)
    There is no session associated with session identifier: f6d03172e5f3426f8c16148c9e42750c
    com.openexchange.grizzly.method=GET
    com.openexchange.grizzly.queryString=action=all&ra ngeStart=20181206T230000Z&rangeEnd=20190106T230000 Z&fields=lastModified%2Ccolor%2CcreatedBy%2CendDat e%2Cflags%2Cfolder%2Cid%2Clocation%2CrecurrenceId% 2Crrule%2CseriesId%2CstartDate%2Csummary%2Ctimesta mp%2Ctransp&order=asc&sort=startDate&expand=true&s ession=f6d03172e5f3426f8c16148c9e42750c
    com.openexchange.grizzly.remoteAddress=10.8.150.55
    com.openexchange.grizzly.remotePort=49622
    com.openexchange.grizzly.requestURI=/ajax/chronos
    com.openexchange.grizzly.serverName=ox.privat
    com.openexchange.grizzly.servletPath=/ajax/chronos
    com.openexchange.grizzly.threadName=OXWorker-0000004
    com.openexchange.grizzly.userAgent=Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0
    com.openexchange.localhost.ipAddress=10.4.150.98
    com.openexchange.localhost.version=7.10.1-Rev3
    com.openexchange.request.trackingId=489730493-244865260
    2018-12-07T13:37:41,391+0100 INFO [OXWorker-0000012] com.openexchange.ajax.SessionUtility.getSession(Se ssionUtility.java:556)
    There is no session associated with session identifier: f6d03172e5f3426f8c16148c9e42750c
    com.openexchange.grizzly.method=PUT
    com.openexchange.grizzly.queryString=action=list&s ession=f6d03172e5f3426f8c16148c9e42750c
    com.openexchange.grizzly.remoteAddress=10.8.150.55
    com.openexchange.grizzly.remotePort=49624
    com.openexchange.grizzly.requestURI=/ajax/jslob
    com.openexchange.grizzly.serverName=ox.privat
    com.openexchange.grizzly.servletPath=/ajax/jslob
    com.openexchange.grizzly.threadName=OXWorker-0000012
    com.openexchange.grizzly.userAgent=Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0
    com.openexchange.localhost.ipAddress=10.4.150.98
    com.openexchange.localhost.version=7.10.1-Rev3
    com.openexchange.request.trackingId=489730493-244865262
    2018-12-07T13:37:41,670+0100 INFO [OXWorker-0000009] com.openexchange.caching.internal.JCSCache.isLocal (JCSCache.java:221)
    Cache ''OXMessageCache'' is operating in local-only mode
    2018-12-07T13:37:41,803+0100 INFO [OXWorker-0000009] com.openexchange.guard.servlets.GuardServletAction .logAction(GuardServletAction.java:238)
    Command sent "delete_session" from IP 127.0.0.1
    com.openexchange.grizzly.method=PUT
    com.openexchange.grizzly.queryString=action=delete _session&sessionId=a3d1f7ddf918f4dc2c822fba21503aa 274eb1a1f
    com.openexchange.grizzly.remoteAddress=127.0.0.1
    com.openexchange.grizzly.remotePort=49628
    com.openexchange.grizzly.requestURI=/oxguard/login
    com.openexchange.grizzly.serverName=localhost
    com.openexchange.grizzly.servletPath=/oxguard/login
    com.openexchange.grizzly.threadName=OXWorker-0000009
    com.openexchange.grizzly.userAgent=Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0
    com.openexchange.localhost.ipAddress=10.4.150.98
    com.openexchange.localhost.version=7.10.1-Rev3
    com.openexchange.request.trackingId=489730493-244865274
    2018-12-07T13:37:41,826+0100 INFO [Thread-14] com.openexchange.capabilities.osgi.CapabilitiesEve ntHandler.handleEvent(CapabilitiesEventHandler.jav a:56)
    Cleared capabilities caches for user 3 in context 1 as last active session was dropped.
    2018-12-07T13:37:42,019+0100 INFO [OXWorker-0000017] com.openexchange.guard.servlets.GuardServletAction .logAction(GuardServletAction.java:238)
    Command sent "login" from IP 10.8.150.55
    com.openexchange.grizzly.method=POST
    com.openexchange.grizzly.queryString=action=login& time=1544186260899&session=f6d03172e5f3426f8c16148 c9e42750c
    com.openexchange.grizzly.remoteAddress=10.8.150.55
    com.openexchange.grizzly.remotePort=49616
    com.openexchange.grizzly.requestURI=/oxguard/login
    com.openexchange.grizzly.serverName=ox.privat
    com.openexchange.grizzly.servletPath=/oxguard/login
    com.openexchange.grizzly.threadName=OXWorker-0000017
    com.openexchange.grizzly.userAgent=Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0
    com.openexchange.localhost.ipAddress=10.4.150.98
    com.openexchange.localhost.version=7.10.1-Rev3
    com.openexchange.request.trackingId=489730493-244865256
    2018-12-07T13:37:42,020+0100 ERROR [OXWorker-0000017] com.openexchange.guard.servlets.authentication.OXG uardSessionAuthenticationHandler.authenticate(OXGu ardSessionAuthenticationHandler.java:81)
    No valid Guard session for IP 10.8.150.55 for request com.openexchange.http.grizzly.http.servlet.HttpSer vletRequestWrapper@49f1d736.
    com.openexchange.grizzly.method=POST
    com.openexchange.grizzly.queryString=action=login& time=1544186260899&session=f6d03172e5f3426f8c16148 c9e42750c
    com.openexchange.grizzly.remoteAddress=10.8.150.55
    com.openexchange.grizzly.remotePort=49616
    com.openexchange.grizzly.requestURI=/oxguard/login
    com.openexchange.grizzly.serverName=ox.privat
    com.openexchange.grizzly.servletPath=/oxguard/login
    com.openexchange.grizzly.threadName=OXWorker-0000017
    com.openexchange.grizzly.userAgent=Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0
    com.openexchange.localhost.ipAddress=10.4.150.98
    com.openexchange.localhost.version=7.10.1-Rev3
    com.openexchange.request.trackingId=489730493-244865256
    2018-12-07T13:37:46,857+0100 INFO [OXWorker-0000017] com.openexchange.login.internal.LoginPerformer.log LoginRequest(LoginPerformer.java:691)
    Login:USER1 IP:10.8.150.55 AuthID:4944b57c4f4d4c9f838524c8358d139a Agent:Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0 Clientpen-xchange-appsuite(7.10.1-4) Interface:HTTP_JSON Context:1(1,defaultcontext) User:3(USER1) Session:d5c6fcf127984660a0752d8041e1eb90 Random:00af1898815049a1902d26e71f6871cd Transient:false
    com.openexchange.grizzly.method=POST
    com.openexchange.grizzly.queryString=<none>
    com.openexchange.grizzly.remoteAddress=10.8.150.55
    com.openexchange.grizzly.remotePort=49610
    com.openexchange.grizzly.requestURI=/ajax/login
    com.openexchange.grizzly.serverName=ox.privat
    com.openexchange.grizzly.servletPath=/ajax/login
    com.openexchange.grizzly.threadName=OXWorker-0000017
    com.openexchange.grizzly.userAgent=Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0
    com.openexchange.localhost.ipAddress=10.4.150.98
    com.openexchange.localhost.version=7.10.1-Rev3
    com.openexchange.login.authId=4944b57c4f4d4c9f8385 24c8358d139a
    com.openexchange.login.client=open-xchange-appsuite
    com.openexchange.login.clientIp=10.8.150.55
    com.openexchange.login.login=USER1
    com.openexchange.login.resolvedLogin=USER1
    com.openexchange.login.userAgent=Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0
    com.openexchange.login.version=7.10.1-4
    com.openexchange.request.trackingId=489730493-244865283
    com.openexchange.session.authId=4944b57c4f4d4c9f83 8524c8358d139a
    com.openexchange.session.clientId=open-xchange-appsuite
    com.openexchange.session.contextId=1
    com.openexchange.session.loginName=USER1
    com.openexchange.session.sessionId=d5c6fcf12798466 0a0752d8041e1eb90
    com.openexchange.session.userId=3
    com.openexchange.session.userName=USER1

    Leave a comment:


  • Wolfgang Rosenauer
    replied
    So you both have changed something else as well and not just updated I can only assume?

    Did you change settings containing *ipcheck* (case insensitive)? Did you fiddle with Guard?

    Leave a comment:


  • oxox
    replied
    Same here. But no time for troubleshooting yet...

    Leave a comment:


  • pewi
    started a topic ipcheck in ox 7.10.1

    ipcheck in ox 7.10.1

    Hi all,
    I'm currently testing ox 7.10.1 and was wondering why I'm always asked for the password after signing in to the ox web interface with the message "Your session is expired" .
    The log file says:
    Request to server denied (IP check activated) for session: 69aa7de835674b619225cf0d7018469e. Client login IP changed from 127.0.0.1 to xx.yy.zz.yy and is not covered by IP white-list or netmask.

    However, in the file /opt/open-xchange/etc/noipcheck.cnf the ip 127.0.0.1 is excluded from the ipcheck.

    Can anybody confirm this issue or is it a miss-configuration in my ox setup?
    Regards Peter
Working...
X