- General
-
Ideas
0
Completed
[ 2.0 ] cookie to old behind a proxy
Hi,
Accessing Ubboquity v2 behind a proxy seems a bit complicated !
I reach the loggin page, log in seccuessfully, but when I click on any link, I am asked to log in again. And again. And again... :=)
Here is the appropriate log :
20170419 16:09:02 [qtp883020319-34] INFO com.ubooquity.d.c - Cookie token invalid or too old. Access Denied. [login:zer][ip:192.168.42.42]
It's a simple nginx proxy with the following conf :
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://192.168.42.50:55603;
proxy_buffering off;
}
The same config I used with Ubooquity v1.10.1 and that used to work.
Note :
- Direct access works perfectly. It happens only when the access comes from behind the proxy.
- I tried adding --host 0.0.0.0, ip of the proxy ...
Customer support service by UserEcho
I think we should take a look at the content of the cookie.
Could you do a fresh login (an note the time at wich you do) and post here the cookie you get in your browser following this login ?
Hi,
For me it works well behind apache as proxy between WAN https & LAN http. Login as well as cookie. On a Debian.
I would suspect proxy config...
Mat
I didn't change anything on my proxie's conf, but it's working now.
I updated my debian kernel, nginx, docker and Ubooquity since I made this post, so it will be hard to know exactly from where came this error :D
@Tom : You can close, thanks.
I'm having the same issue w/ an apache reverse proxy. I get the following error in the apache logs:
[Sat May 27 14:08:34.665488 2017] [http:error] [pid 8845] [client xx.xx.xx.xx:16823] AH02429: Response header name ';expires=Mon, 26-Jun-2017 14' contains invalid characters, aborting request
I found the following reference to a recent apache patch that puts a hard stop on invalid headers:
https://blog.tigertech.net/posts/apache-cve-2016-8743/
I suspect this is the issue for anyone running an up to date apache reverse proxy. Any chance of a fix?
Edit:
Just realized there is a 2.0.2 beta available and I'm running 1.10.1. I'm going to give the beta a go and see if that fixes the reverse proxy header issues.
Edit2:
Just installed 2.0.2 and it works great behind the proxy. All is well again.