Homepage | Products | OX Knowledge Base | Support | Try Now | Contact | Company
OX Logo
Results 1 to 4 of 4
  1. #1

    Default Grizzly - Single Sign On

    Hello,

    we encouter problems when trying to connect via get to ajax/sso. My call is:

    https://ox.server.tld/ajax/sso?actio...XXXX3831eab038

    The response of the server is:

    {"category":8,"error_params":["get","/ajax/sso"],"error":"Auf dem Server trat ein vorübergehender Fehler auf. Die Anfrage konnte nicht verarbeitet werden. ","error_id":"1933572570-29","categories":"ERROR","code":"SVL-0014"}

    This is from /var/log/open-xchange/open-xchange.log.0 :

    Error processing request:
    com.openexchange.grizzly.remotePort=42073
    com.openexchange.grizzly.requestIp=192.168.145.15
    com.openexchange.grizzly.requestURI=/ajax/sso
    com.openexchange.grizzly.serverName=ox6.server.tld
    com.openexchange.grizzly.servletPath=/ajax/sso
    com.openexchange.grizzly.threadName=OXWorker-0000037
    com.openexchange.http.grizzly.userAgent=Mozilla/5.0 (X11; Linux i686; rv:25.0) Gecko/20100101 Firefox/25.0
    com.openexchange.session.session={contextId=10, userId=43, sessionId=21fcXXXXXXX3831eab038, login=user.name, localIp=192.168.145.15, authId=e06cXXXXX8a3ed62fc, hash=ZCsiAXXXXKCVzpnw, client=com.openexchange.ox.gui.dhtml, transient=false}
    com.openexchange.session.sessionId=21fcXXXXXXX3831 eab038

    SVL-0014 Categories=ERROR Message='Action "get" on request path "/ajax/sso" is not permitted via a non-secure connection.' exceptionID=-989778917-31
    at com.openexchange.exception.OXExceptionFactory.crea te(OXExceptionFactory.java:171)
    [...]

    Before we upgraded from ajp to grizzy packages everything was working, meaning the get on ajax/sso was giving back username and password.

    I have no clue what I could change, I was also looking for X-Forwarded thing in the config, but this also didn't work.

    Anybody has an idea?

    Regards,

    J.Müller-Lahn

  2. #2

    Default

    The Open-Xchange is either unable or unwilling to help, but I found it myselfs:

    Edit: /opt/open-xchange/etc/server.properties

    and change "com.openexchange.forceHTTPS=false" to "com.openexchange.forceHTTPS=true"

    afterwards do a "/etc/init.d/open-xchange restart".

    After this SSO works with grizzly like it should.

    Regards,

    J. Müller-Lahn

  3. #3
    Join Date
    Sep 2007
    Location
    Germany
    Posts
    494

    Default

    This might be a workaround.
    But it's not a solution unfortunately.

    Have you tried
    RequestHeader set X-Forwarded-Proto "https"
    in the Apache config before?

  4. #4

    Default

    Hi,

    you're right. This was the real parameter, so adding "RequestHeader set X-Forwarded-Proto "https"" to /etc/apache2/mods-enabled/ssl.conf worked for me, even if "com.openexchange.forceHTTPS=false".

    Regards,

    J.Müller-Lahn
    Last edited by jmueller-lahn; 02-03-2014 at 04:18 PM.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •