I see no issues in your log, is it filtered? Also I need more details on your configuration: 1) do you have https proxy + http OM ? 2) what changes did you made to OM config files?
On Wed, Nov 22, 2017 at 1:23 PM, Coscend@OM <om.insig...@coscend.com> wrote: > Dear OpenMeetings Developers, > > > > We would appreciate any vectors regarding this issue we have been facing > since OpenMeetings 3.3.1 release. > > > > 1. We are able to successfully login into OM DIRECTLY (without proxy > server) all versions including 4.0.1-SNAPSHOT. > > 2. Via a proxy server, we are unable to login into versions 3.3.1 and > later. Upon clicking on submit button, it reloads the login page with > empty > username and password fields. The browser dev gives status 200 with no > exceptions. The proxy logs give status 200. > > In 3.3.0, CSRF and other security features were introduced. Our proxy > server has these configurations including redirect rule to same origin for > HTTP request. > > > > > > SEEKING GUIDANCE: LOGIN LOGIC IN 3.3.1+ / 4.0.1 > > -------------------------------------------------------------------------- > > Could someone describe the "changes in LOGIN LOGIC" from v. 3.3.1 onwards > (which is also in v. 4.0.1)? > > > > Process flow: > > > > To isolate the issue, content security policy code was commented out in > Application.java before compilation. > > > > Om-web/./web/app/Websession.java > > Om-web/./web/pages/auth/SignInPage.java --> calls SignInDialog.java > > Om-db/./dao/user/UserDao.java > > Om-db/./dao/util/AuthLevelUtil.java - Level Admin :: [GRANTED] > > [ > > ==>IT IS FAILING HERE.during login via proxy server. It goes back and > reloads the login page with empty fields. > > ] > > > > Om-db/./dao/util/AuthLevelUtil.java - Level Admin :: [GRANTED] > > Om-db/./dao/util/AuthLevelUtil.java - Level Admin :: [GRANTED] > > Om-web/./web/app/Application.java > > Om-web/./web/common/MainPanel.java --> home page loads > > > > DETAILED LOGS > > DEBUG 11-21 22:27:38.412 18208 74 o.a.o.d.d.s.LdapConfigDao > [105-6083-exec-2] - getActiveLdapConfigs > > DEBUG 11-21 22:28:47.783 87579 594 o.a.o.d.d.u.UserDao [105-6083-exec-2] - > login:: 1 users were found > > DEBUG 11-21 22:28:47.791 87587 39 o.a.o.u.c.CryptProvider [105-6083-exec-2] > - getInstanceOfCrypt:: configKeyCryptClassName: > org.apache.openmeetings.util.crypt.SCryptImplementation > > DEBUG 11-21 22:28:48.365 88161 42 o.a.o.d.u.AuthLevelUtil [105-6083-exec-2] > - Level Login :: [GRANTED] > > DEBUG 11-21 22:28:48.374 88170 611 o.a.o.d.d.u.UserDao [105-6083-exec-2] - > loginUser [GroupUser [id=1, moderator=false, group=Group [id=1, > name=Coscend, deleted=false], user=User [id=1, firstname=firstname, > lastname=lastname, login=Coscendtest, pictureuri=null, deleted=false, > languageId=1, address=Address [id=1, country=US, street=null, town=null, > zip=null, deleted=false, email=i...@coscend.com, phone=null], > externalId=null, > externalType=null, type=user]]] > > DEBUG 11-21 22:28:48.406 88202 42 o.a.o.d.u.AuthLevelUtil [105-6083-exec-2] > - Level Admin :: [GRANTED] > > DEBUG 11-21 22:28:48.508 88304 42 o.a.o.d.u.AuthLevelUtil [105-6083-exec-6] > - Level Admin :: [GRANTED] > > DEBUG 11-21 22:28:48.751 88547 42 o.a.o.d.u.AuthLevelUtil [105-6083-exec-8] > - Level Admin :: [GRANTED] > > DEBUG 11-21 22:28:50.412 90208 388 o.a.o.w.a.Application [105-6083-exec-6] > - > Adding online client: a36ff887-25cd-4774-a5f6-6ceafaaf88db, room: null > > DEBUG 11-21 22:28:50.421 90217 145 o.a.o.w.c.MainPanel [105-6083-exec-6] - > WebSocketBehavior::onConnect [uid: a36ff887-25cd-4774-a5f6-6ceafaaf88db, > session: CDD77C3323F2D33735824E1B0FCC0570, key: > org.apache.wicket.protocol.ws.api.registry.PageIdKey@0] > > DEBUG 11-21 22:28:50.427 90223 154 o.a.o.w.c.MainPanel [105-6083-exec-6] - > WebSocketBehavior:: pingTimer is attached > > DEBUG 11-21 22:28:51.683 91479 255 o.a.o.d.d.r.RoomDao [105-6083-exec-4] - > getUserRoom : 1 || conference > > DEBUG 11-21 22:28:51.691 91487 263 o.a.o.d.d.r.RoomDao [105-6083-exec-4] - > Could not find room 1 || conference > > WARN 11-21 22:28:51.693 91489 78 o.a.o.d.d.r.SipDao [105-6083-exec-4] - > There is no Asterisk configured > > DEBUG 11-21 22:28:51.703 91499 255 o.a.o.d.d.r.RoomDao [105-6083-exec-4] - > getUserRoom : 1 || presentation > > DEBUG 11-21 22:28:51.706 91502 263 o.a.o.d.d.r.RoomDao [105-6083-exec-4] - > Could not find room 1 || presentation > > WARN 11-21 22:28:51.706 91502 78 o.a.o.d.d.r.SipDao [105-6083-exec-4] - > There is no Asterisk configured > > DEBUG 11-21 22:28:51.711 91507 191 o.a.o.d.d.r.RoomDao [105-6083-exec-4] - > getAppointedRoomsByUser : UserID - 1 > > > > > > Thank you. > > > > Sincerely, > > > > Hemant K. Sabat > > > > Coscend Communications Solutions > > <http://www.coscend.com/> www.Coscend.com > > ------------------------------------------------------------------ > > Real-time, Interactive Video Collaboration, Tele-healthcare, > Tele-education, > Telepresence Services, on the fly. > > ------------------------------------------------------------------ > > CONFIDENTIALITY NOTICE: See 'Confidentiality Notice Regarding E-mail > Messages from Coscend Communications Solutions' posted at: > <http://www.Coscend.com/Anchor/Common/Terms_and_Conditions.html> > http://www.Coscend.com/Anchor/Common/Terms_and_Conditions.html > > > > > > > > --- > This email has been checked for viruses by AVG. > http://www.avg.com > -- WBR Maxim aka solomax