Announcement

Collapse
No announcement yet.

Session IDs, question

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Session IDs, question

    Hello,

    may you have realized I am working for an OX installment with Lighttpd as webserver daemon. Have tested Lighty with Neo's VMware environment and experienced during login for oxadmin "Ihre Session ist abgelaufen - your session has expired. Bitte loggen sie sich erneut ein - Please login again".
    Without ever got a change to log in before, what means an earlier session can´t be in existence.

    The settings for Lighttpd seems to be ok and may it needs some changes in sources. Do you have an idea to what place in source that kind of settings are stored?

    my settings for AJP13 worker:

    server.modules += ( "mod_proxy_backend_ajp13" )
    $HTTP["url"] =~ "^/servlet/*|^/ajax/*" {
    proxy-core.balancer = "round-robin"
    proxy-core.protocol = "ajp13"
    proxy-core.backends = ( "localhost:8009" )
    proxy-core.max-pool-size = 16
    }
    May I missed something?

  • #2
    I think you don't have cookies activated in your Browser.

    You can set the session timeout in this file:

    /opt/openexchange/etc/groupware/sessiond.properties

    Comment


    • #3
      Many thanks Ben for info.
      Will check both, sessiond.properties and cookie settings for Lighty.

      Comment


      • #4
        Hello Ben,

        it obviously have nothing to do with cookies, with or without following settings

        "mod_usertrack",
        usertrack.cookie-name = "JSESSIONID"
        I get always following cookie named 'JSESSIONID'. The same like in formerly versions of OX.

        I have tried to do some changes in /opt/openexchange/etc/groupware/sessiond.properties without success.

        # session container timeout
        com.openexchange.sessiond.sessionContainerTimeout: 4200000
        commented, played with the number and ox restartet... no way to login

        # check if a user already has a session and overwrite it
        com.openexchange.sessiond.isDoubleLoginPermitted:f alse
        EDIT
        *'false' above not displayed ok. it is false not f alse*
        /EDIT

        Have set from 'false' to 'true', the same result - no login possible.

        Always pop up a message 'Ihre Sitzung ist abgelaufen! Bitte melden Sie sich neu an'...

        Have I missed something in sessiond.properties file?

        In 0.8.X Versions login is possible. I guess there must be a compareable to 0.8.X server.config setting like this below, but where is it in Hyperion?
        SETUPLINK:/umin/Login?NAS_ID=**NAS_ID**&sessionID=**NAS_ID**
        Your help is appreaciated
        Last edited by Guest; 03-28-2007, 07:07 PM.

        Comment


        • #5
          This morning I was trying to get some old code to talk to Hyperions sessiond, and I did note this error would be constant if "com.openexchange.sessiond.isTcpClientSocketEnable d" was set to true in etc/groupware/sessiond.properties.

          Setting it back to false cleared it up for me. (Edit: I doubt this is your problem exactly, but on the off chance you were mucking around with config files
          Last edited by Guest; 03-29-2007, 08:17 AM.

          Comment


          • #6
            i never saw anything like this before and i also don't know how lighty works. do you need this at all?

            Comment


            • #7
              I'll try to clear up the cookie issue a bit. On the whole the OX will set two cookies. One, the JSESSIONID, is used to track the Servlet Session, that's standard handling for all servlets, so whenever your browser talks to a servlet engine (be it ours or tomcat or jetty...) you'll eventually be rewarded with a JSESSIONID cookie.

              The other one is called "open-xchange-session-" plus some random String. That's the one containing the session-id and the one you want to look out for.

              To illustrate this point further: If you fire up telnet and play browser you can get the following exchange:
              ------------[snip]----------

              GET /ajax/login?action=login&name=yourUsername&password=your Password HTTP/1.1
              Host: localhost

              HTTP/1.1 200 OK
              Date: Thu, 29 Mar 2007 08:29:40 GMT
              Server: Apache/2.2.3 (Debian) mod_jk/1.2.18
              Expires: Sat, 6 May 1995 12:00:00 GMT
              Pragma: no-cache
              Cache-Control: post-check=0, pre-check=0
              Set-Cookie: JSESSIONID=9ba87cbab9944ed723cd93772435fc3d346d210 f.OX1; path=/
              Set-Cookie: open-xchange-session-a56470a53963e98a5a69de48eab9f8ec=5a617b18e93a918a2 e360019bab1c1aa; path=/
              Transfer-Encoding: chunked
              Content-Type: text/javascript; charset=UTF-8

              47
              {"session":"a56470a53963e98a5a69de48eab9f8ec","ran dom":"1175156984284"}
              0

              -------------[snap]-----------

              As you can see you are rewarded with a new sessionID and in the cookies section the two cookies I talked about. If you want to play browser yourself you could log onto the machine the OX is running on (or any other adjusting the example accordingly), fire up telnet and type in the request:

              > telnet localhost 80
              Trying 127.0.0.1...
              Connected to localhost.
              GET /ajax/login?action=login&name=yourUsername&password=your Password HTTP/1.1
              Host: localhost
              [return]

              and you can check the answer yourself.

              Comment


              • #8
                Originally posted by Ben Pahne View Post
                i never saw anything like this before and i also don't know how lighty works. do you need this at all?
                Hello Ben,

                The difference between Lighty and Apache2 is, Lighty doesn´t need that kind of ressources like Apache2 and works with better performance. Anyway I always check out both daemons.
                Especially for someone who just suppose to install at small dedicated/local server appreaciate Lighty.
                I offer, in case everything´s run fine you get u/p and see for yourself if you want

                ...
                ...
                > telnet localhost 80
                Trying 127.0.0.1...
                Connected to localhost.
                GET /ajax/login?action=login&name=yourUsername&password=your Password HTTP/1.1
                Host: localhost
                [return]

                and you can check the answer yourself.
                An option I havn´t thought about yet... may this opens my eyes to solve this lil prob... many thanks for the hint and tell you my results later in the day when I checked out this

                Comment


                • #9
                  Hello,

                  the first problem with Authentification seems to be solved now, it was caused by an ipv6 conflict obviously. Have realized this after Francisco's tip with telnet.

                  That request done by telnet reported a 400 error message, what made me perplex a bit and simple 'netstat -tulpen' unearth the truth:

                  AJP13 was running at port 8009 as intended, but just for ipv6 connections.
                  Have used Neo's VM Image to test it out, my own Kernels/web daemons have no ipv6 support yet and that was the last one I suspected to be the reason
                  What anyway makes me wonder: why does it say 'my session has expired' instead message like '403'...hmmmmmm

                  Now, the login passed ok but after this it doesn´t switch from login page to ox components. If you read the logs after successful login it is speaking a different language:

                  "GET /ajax/login?action=login&name=oxadmin&password=password HTTP/1.1" 200 82 "http://ox.testserver.de/ox.html" "Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.3"
                  "GET /ajax/config/?session=f9a49f88edbd72c5efc952e487e2106c HTTP/1.1" 200 148 "http://ox.testserver.de/ox.html" "Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.3"
                  "GET /ajax/folders?action=get&session=f9a49f88edbd72c5efc952e 487e2106c&folder=INBOX&id=INBOX&columns=310,311 HTTP/1.1" 200 148 "http://ox.testserver.de/ox.html" "Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.3"
                  "GET /ajax/quota?action=mail&session=f9a49f88edbd72c5efc952e4 87e2106c HTTP/1.1" 200 148 "http://ox.testserver.de/ox.html" "Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.3"
                  "GET /ajax/quota?action=filestore&session=f9a49f88edbd72c5efc 952e487e2106c HTTP/1.1" 200 148 "http://ox.testserver.de/ox.html" "Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.3"
                  "GET /ajax/calendar?action=has&session=f9a49f88edbd72c5efc952 e487e2106c&start=1174867200000&end=1175472000000 HTTP/1.1" 200 148 "http://ox.testserver.de/ox.html" "Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.3"
                  It proofs my settings for AJP13 worker seems to be okay and Lighty doesn´t understand commands in the scripts or doesn´t know how to handle these requests.
                  I keep an eye on it tomorrow.
                  Many thanks to you both for assistance.
                  Last edited by Guest; 03-29-2007, 11:44 PM.

                  Comment

                  Working...
                  X