Originally posted by markus
View Post
Announcement
Collapse
No announcement yet.
ipcheck in ox 7.10.1
Collapse
X
-
-
Hi,
had the same issue upgrading from 7.8 to 7.10. IPCheck has to be disabled when running ox-guard. Ironically ox-guard worked with ipcheck enabled in 7.8...
Leave a comment:
-
As I thought. You are using Guard (or at least have it partially included).
IPCheck needs to be disabled with Guard. There is no other option. And it should be described in the Guard setup documentation (hopefully).
Leave a comment:
-
Its a fresh installation with ox 7.10.1 on a single server with only basic configuration, for testing purpose before we upgrade from 7.8.4
If I disable the IPCheck, everything is working fine. There is also no warning because of a different client IP address?!
Here is the log with IPCheck activated, maybe you can take a look on it, thanks in advance!
Cache ''ExternalAccountFolders'' is operating in distributed mode
com.openexchange.ajax.action=list
com.openexchange.ajax.module=folders
com.openexchange.database.schema=oxdatabase_5
com.openexchange.grizzly.method=POST
com.openexchange.grizzly.queryString=<none>
com.openexchange.grizzly.remoteAddress=10.8.150.55
com.openexchange.grizzly.remotePort=49590
com.openexchange.grizzly.requestURI=/ajax/login
com.openexchange.grizzly.serverName=ox.privat
com.openexchange.grizzly.servletPath=/ajax/login
com.openexchange.grizzly.threadName=OXWorker-0000009
com.openexchange.grizzly.userAgent=Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0
com.openexchange.hostname=ox.privat
com.openexchange.localhost.ipAddress=10.4.150.98
com.openexchange.localhost.version=7.10.1-Rev3
com.openexchange.login.authId=aba295a02e214cddbd38 a473c9ef3b36
com.openexchange.login.client=open-xchange-appsuite
com.openexchange.login.clientIp=10.8.150.55
com.openexchange.login.login=USER1
com.openexchange.login.resolvedLogin=USER1
com.openexchange.login.userAgent=Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0
com.openexchange.login.version=7.10.1-4
com.openexchange.request.trackingId=489730493-244865249
com.openexchange.session.authId=aba295a02e214cddbd 38a473c9ef3b36
com.openexchange.session.clientId=open-xchange-appsuite
com.openexchange.session.contextId=1
com.openexchange.session.loginName=USER1
com.openexchange.session.sessionId=f6d03172e5f3426 f8c16148c9e42750c
com.openexchange.session.userId=3
com.openexchange.session.userName=USER1
2018-12-07T13:37:41,251+0100 INFO [OXWorker-0000012] com.openexchange.ajax.ipcheck.IPCheckers.kick(IPCh eckers.java:213)
Request to server denied (IP check activated) for session: f6d03172e5f3426f8c16148c9e42750c. Client login IP changed from 127.0.0.1 to 10.8.150.55 and is not covered by IP white-list or netmask.
com.openexchange.grizzly.method=GET
com.openexchange.grizzly.queryString=action=get&ti mezone=utc&session=f6d03172e5f3426f8c16148c9e42750 c
com.openexchange.grizzly.remoteAddress=10.8.150.55
com.openexchange.grizzly.remotePort=49620
com.openexchange.grizzly.requestURI=/ajax/user
com.openexchange.grizzly.serverName=ox.privat
com.openexchange.grizzly.servletPath=/ajax/user
com.openexchange.grizzly.threadName=OXWorker-0000012
com.openexchange.grizzly.userAgent=Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0
com.openexchange.localhost.ipAddress=10.4.150.98
com.openexchange.localhost.version=7.10.1-Rev3
com.openexchange.request.trackingId=489730493-244865259
2018-12-07T13:37:41,338+0100 INFO [OXWorker-0000004] com.openexchange.ajax.SessionUtility.getSession(Se ssionUtility.java:556)
There is no session associated with session identifier: f6d03172e5f3426f8c16148c9e42750c
com.openexchange.grizzly.method=GET
com.openexchange.grizzly.queryString=action=all&ra ngeStart=20181206T230000Z&rangeEnd=20190106T230000 Z&fields=lastModified%2Ccolor%2CcreatedBy%2CendDat e%2Cflags%2Cfolder%2Cid%2Clocation%2CrecurrenceId% 2Crrule%2CseriesId%2CstartDate%2Csummary%2Ctimesta mp%2Ctransp&order=asc&sort=startDate&expand=true&s ession=f6d03172e5f3426f8c16148c9e42750c
com.openexchange.grizzly.remoteAddress=10.8.150.55
com.openexchange.grizzly.remotePort=49622
com.openexchange.grizzly.requestURI=/ajax/chronos
com.openexchange.grizzly.serverName=ox.privat
com.openexchange.grizzly.servletPath=/ajax/chronos
com.openexchange.grizzly.threadName=OXWorker-0000004
com.openexchange.grizzly.userAgent=Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0
com.openexchange.localhost.ipAddress=10.4.150.98
com.openexchange.localhost.version=7.10.1-Rev3
com.openexchange.request.trackingId=489730493-244865260
2018-12-07T13:37:41,391+0100 INFO [OXWorker-0000012] com.openexchange.ajax.SessionUtility.getSession(Se ssionUtility.java:556)
There is no session associated with session identifier: f6d03172e5f3426f8c16148c9e42750c
com.openexchange.grizzly.method=PUT
com.openexchange.grizzly.queryString=action=list&s ession=f6d03172e5f3426f8c16148c9e42750c
com.openexchange.grizzly.remoteAddress=10.8.150.55
com.openexchange.grizzly.remotePort=49624
com.openexchange.grizzly.requestURI=/ajax/jslob
com.openexchange.grizzly.serverName=ox.privat
com.openexchange.grizzly.servletPath=/ajax/jslob
com.openexchange.grizzly.threadName=OXWorker-0000012
com.openexchange.grizzly.userAgent=Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0
com.openexchange.localhost.ipAddress=10.4.150.98
com.openexchange.localhost.version=7.10.1-Rev3
com.openexchange.request.trackingId=489730493-244865262
2018-12-07T13:37:41,670+0100 INFO [OXWorker-0000009] com.openexchange.caching.internal.JCSCache.isLocal (JCSCache.java:221)
Cache ''OXMessageCache'' is operating in local-only mode
2018-12-07T13:37:41,803+0100 INFO [OXWorker-0000009] com.openexchange.guard.servlets.GuardServletAction .logAction(GuardServletAction.java:238)
Command sent "delete_session" from IP 127.0.0.1
com.openexchange.grizzly.method=PUT
com.openexchange.grizzly.queryString=action=delete _session&sessionId=a3d1f7ddf918f4dc2c822fba21503aa 274eb1a1f
com.openexchange.grizzly.remoteAddress=127.0.0.1
com.openexchange.grizzly.remotePort=49628
com.openexchange.grizzly.requestURI=/oxguard/login
com.openexchange.grizzly.serverName=localhost
com.openexchange.grizzly.servletPath=/oxguard/login
com.openexchange.grizzly.threadName=OXWorker-0000009
com.openexchange.grizzly.userAgent=Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0
com.openexchange.localhost.ipAddress=10.4.150.98
com.openexchange.localhost.version=7.10.1-Rev3
com.openexchange.request.trackingId=489730493-244865274
2018-12-07T13:37:41,826+0100 INFO [Thread-14] com.openexchange.capabilities.osgi.CapabilitiesEve ntHandler.handleEvent(CapabilitiesEventHandler.jav a:56)
Cleared capabilities caches for user 3 in context 1 as last active session was dropped.
2018-12-07T13:37:42,019+0100 INFO [OXWorker-0000017] com.openexchange.guard.servlets.GuardServletAction .logAction(GuardServletAction.java:238)
Command sent "login" from IP 10.8.150.55
com.openexchange.grizzly.method=POST
com.openexchange.grizzly.queryString=action=login& time=1544186260899&session=f6d03172e5f3426f8c16148 c9e42750c
com.openexchange.grizzly.remoteAddress=10.8.150.55
com.openexchange.grizzly.remotePort=49616
com.openexchange.grizzly.requestURI=/oxguard/login
com.openexchange.grizzly.serverName=ox.privat
com.openexchange.grizzly.servletPath=/oxguard/login
com.openexchange.grizzly.threadName=OXWorker-0000017
com.openexchange.grizzly.userAgent=Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0
com.openexchange.localhost.ipAddress=10.4.150.98
com.openexchange.localhost.version=7.10.1-Rev3
com.openexchange.request.trackingId=489730493-244865256
2018-12-07T13:37:42,020+0100 ERROR [OXWorker-0000017] com.openexchange.guard.servlets.authentication.OXG uardSessionAuthenticationHandler.authenticate(OXGu ardSessionAuthenticationHandler.java:81)
No valid Guard session for IP 10.8.150.55 for request com.openexchange.http.grizzly.http.servlet.HttpSer vletRequestWrapper@49f1d736.
com.openexchange.grizzly.method=POST
com.openexchange.grizzly.queryString=action=login& time=1544186260899&session=f6d03172e5f3426f8c16148 c9e42750c
com.openexchange.grizzly.remoteAddress=10.8.150.55
com.openexchange.grizzly.remotePort=49616
com.openexchange.grizzly.requestURI=/oxguard/login
com.openexchange.grizzly.serverName=ox.privat
com.openexchange.grizzly.servletPath=/oxguard/login
com.openexchange.grizzly.threadName=OXWorker-0000017
com.openexchange.grizzly.userAgent=Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0
com.openexchange.localhost.ipAddress=10.4.150.98
com.openexchange.localhost.version=7.10.1-Rev3
com.openexchange.request.trackingId=489730493-244865256
2018-12-07T13:37:46,857+0100 INFO [OXWorker-0000017] com.openexchange.login.internal.LoginPerformer.log LoginRequest(LoginPerformer.java:691)
Login:USER1 IP:10.8.150.55 AuthID:4944b57c4f4d4c9f838524c8358d139a Agent:Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0 Clientpen-xchange-appsuite(7.10.1-4) Interface:HTTP_JSON Context:1(1,defaultcontext) User:3(USER1) Session:d5c6fcf127984660a0752d8041e1eb90 Random:00af1898815049a1902d26e71f6871cd Transient:false
com.openexchange.grizzly.method=POST
com.openexchange.grizzly.queryString=<none>
com.openexchange.grizzly.remoteAddress=10.8.150.55
com.openexchange.grizzly.remotePort=49610
com.openexchange.grizzly.requestURI=/ajax/login
com.openexchange.grizzly.serverName=ox.privat
com.openexchange.grizzly.servletPath=/ajax/login
com.openexchange.grizzly.threadName=OXWorker-0000017
com.openexchange.grizzly.userAgent=Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0
com.openexchange.localhost.ipAddress=10.4.150.98
com.openexchange.localhost.version=7.10.1-Rev3
com.openexchange.login.authId=4944b57c4f4d4c9f8385 24c8358d139a
com.openexchange.login.client=open-xchange-appsuite
com.openexchange.login.clientIp=10.8.150.55
com.openexchange.login.login=USER1
com.openexchange.login.resolvedLogin=USER1
com.openexchange.login.userAgent=Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0
com.openexchange.login.version=7.10.1-4
com.openexchange.request.trackingId=489730493-244865283
com.openexchange.session.authId=4944b57c4f4d4c9f83 8524c8358d139a
com.openexchange.session.clientId=open-xchange-appsuite
com.openexchange.session.contextId=1
com.openexchange.session.loginName=USER1
com.openexchange.session.sessionId=d5c6fcf12798466 0a0752d8041e1eb90
com.openexchange.session.userId=3
com.openexchange.session.userName=USER1
Leave a comment:
-
So you both have changed something else as well and not just updated I can only assume?
Did you change settings containing *ipcheck* (case insensitive)? Did you fiddle with Guard?
Leave a comment:
-
ipcheck in ox 7.10.1
Hi all,
I'm currently testing ox 7.10.1 and was wondering why I'm always asked for the password after signing in to the ox web interface with the message "Your session is expired" .
The log file says:
Request to server denied (IP check activated) for session: 69aa7de835674b619225cf0d7018469e. Client login IP changed from 127.0.0.1 to xx.yy.zz.yy and is not covered by IP white-list or netmask.
However, in the file /opt/open-xchange/etc/noipcheck.cnf the ip 127.0.0.1 is excluded from the ipcheck.
Can anybody confirm this issue or is it a miss-configuration in my ox setup?
Regards PeterTags: None
Leave a comment: