ezplatform+Varnish, AUTH fails @ "Invalid username or password" with default credentials

Monday 28 December 2015 7:05:34 pm - 1 reply

I've composer-installed ezplatform-dist on linux64.
My stack is 3-tier: Nginx/phpfpm(SSL-only/gzip) -> Varnish ->  ezplatform on Nginx/phpfpm (NO-ssl/no-gzip).
    php -v
        PHP 7.0.1-dev (cli) (built: Dec  3 2015 06:05:27) ( NTS )
        Copyright (c) 1997-2015 The PHP Group
        Zend Engine v3.0.0, Copyright (c) 1998-2015 Zend Technologies
            with Zend OPcache v7.0.6-dev, Copyright (c) 1999-2015, by Zend Technologies
    nginx -v
        nginx version: nginx/1.9.9
    varnishtop -V
        varnishtop (varnish-4.1.0 revision b4225ee)
   
I've configured ezplatform in an nginx backend vhost.
On nav to:
    https://dev.loc/ez
I'm redirected to:
    https://dev.loc/ez#/login
There, I enter the default credentials:
    u: admin
    p: publish
AUTH fails with
    "Invalid username or password"
nginx logs on the attempt return
    ==> /var/log/nginx/main.access.log <==
    127.0.0.1 - - [28/Dec/2015:09:53:55 -0800] GET /api/ezp/v2/ HTTP/1.1 "200" 4328 "https://dev.loc/ez" "Mozilla/5.0 (X11; Linux x86_64; rv:44.0) Gecko/20100101 Firefox/44.0" "10.10.1.17, 127.0.0.1, 127.0.0.1"
    ==> /var/log/nginx/dev.loc.443.access.log <==
    10.10.1.17 - - [28/Dec/2015:09:53:55 -0800] GET /api/ezp/v2/ HTTP/2.0 "200" 4998 "https://dev.loc/ez" "Mozilla/5.0 (X11; Linux x86_64; rv:44.0) Gecko/20100101 Firefox/44.0" "-"
    ==> /var/log/nginx/main.access.log <==
    127.0.0.1 - - [28/Dec/2015:09:53:55 -0800] POST /api/ezp/v2/user/sessions HTTP/1.0 "401" 1761 "https://dev.loc/ez" "Mozilla/5.0 (X11; Linux x86_64; rv:44.0) Gecko/20100101 Firefox/44.0" "10.10.1.17, 127.0.0.1, 127.0.0.1"
    ==> /var/log/nginx/dev.loc.443.access.log <==
    10.10.1.17 - - [28/Dec/2015:09:53:55 -0800] POST /api/ezp/v2/user/sessions HTTP/2.0 "401" 271 "https://dev.loc/ez" "Mozilla/5.0 (X11; Linux x86_64; rv:44.0) Gecko/20100101 Firefox/44.0" "-"
and varnishlog
    *   << Request  >> 65538    
    -   Begin          req 65537 rxreq
    -   Timestamp      Start: 1451325613.682716 0.000000 0.000000
    -   Timestamp      Req: 1451325613.682716 0.000000 0.000000
    -   ReqStart       127.0.0.1 52838
    -   ReqMethod      GET
    -   ReqURL         /api/ezp/v2/
    -   ReqProtocol    HTTP/1.0
    -   ReqHeader      Host: dev.loc
    -   ReqHeader      X-Real-IP: 10.10.1.17
    -   ReqHeader      X-Forwarded-For: 10.10.1.17
    -   ReqHeader      X-Client-Verify: NONE
    -   ReqHeader      X-SSL-Client-Verify: NONE
    -   ReqHeader      X-Forwarded-Proto: https
    -   ReqHeader      HTTPS: on
    -   ReqHeader      Connection: close
    -   ReqHeader      user-agent: Mozilla/5.0 (X11; Linux x86_64; rv:44.0) Gecko/20100101 Firefox/44.0
    -   ReqHeader      accept: application/vnd.ez.api.Root+json
    -   ReqHeader      accept-language: en-US,en;q=0.5
    -   ReqHeader      accept-encoding: gzip, deflate, br
    -   ReqHeader      dnt: 1
    -   ReqHeader      referer: https://dev.loc/ez
    -   ReqHeader      cookie: eZSESSID98defd6ee70dfb1dea416cecdf391f58=aa63143334ee6969055a4480a92d6f52
    -   ReqUnset       X-Forwarded-For: 10.10.1.17
    -   ReqHeader      X-Forwarded-For: 10.10.1.17, 127.0.0.1
    -   VCL_call       RECV
    -   ReqUnset       X-Forwarded-For: 10.10.1.17, 127.0.0.1
    -   ReqHeader      X-Forwarded-For: 10.10.1.17, 127.0.0.1, 127.0.0.1
    -   ReqUnset       Host: dev.loc
    -   ReqHeader      Host: dev.loc
    -   ReqURL         /api/ezp/v2/
    -   ReqUnset       cookie: eZSESSID98defd6ee70dfb1dea416cecdf391f58=aa63143334ee6969055a4480a92d6f52
    -   ReqHeader      Cookie: eZSESSID98defd6ee70dfb1dea416cecdf391f58=aa63143334ee6969055a4480a92d6f52
    -   ReqUnset       Cookie: eZSESSID98defd6ee70dfb1dea416cecdf391f58=aa63143334ee6969055a4480a92d6f52
    -   ReqHeader      Cookie: ;eZSESSID98defd6ee70dfb1dea416cecdf391f58=aa63143334ee6969055a4480a92d6f52
    -   ReqUnset       Cookie: ;eZSESSID98defd6ee70dfb1dea416cecdf391f58=aa63143334ee6969055a4480a92d6f52
    -   ReqHeader      Cookie: ;eZSESSID98defd6ee70dfb1dea416cecdf391f58=aa63143334ee6969055a4480a92d6f52
    -   ReqUnset       Cookie: ;eZSESSID98defd6ee70dfb1dea416cecdf391f58=aa63143334ee6969055a4480a92d6f52
    -   ReqHeader      Cookie: ;eZSESSID98defd6ee70dfb1dea416cecdf391f58=aa63143334ee6969055a4480a92d6f52
    -   ReqUnset       Cookie: ;eZSESSID98defd6ee70dfb1dea416cecdf391f58=aa63143334ee6969055a4480a92d6f52
    -   ReqHeader      Cookie:
    -   ReqUnset       Cookie:
    -   ReqHeader      Cookie:
    -   ReqUnset       Cookie:
    -   ReqHeader      Cookie:
    -   ReqUnset       Cookie:
    -   ReqHeader      Cookie:
    -   ReqUnset       Cookie:
    -   ReqHeader      Cookie:
    -   ReqUnset       Cookie:
    -   ReqHeader      Cookie:
    -   ReqUnset       Cookie:
    -   ReqHeader      Cookie:
    -   ReqUnset       Cookie:
    -   ReqHeader      Cookie:
    -   ReqUnset       Cookie:
    -   ReqHeader      Cookie:
    -   ReqUnset       Cookie:
    -   ReqHeader      Cookie:
    -   ReqUnset       Cookie:
    -   ReqHeader      Cookie:
    -   ReqUnset       Cookie:
    -   ReqUnset       accept-encoding: gzip, deflate, br
    -   ReqHeader      Accept-Encoding: gzip
    -   ReqHeader      Surrogate-Capability: key=ESI/1.0
    -   VCL_return     hash
    -   VCL_call       HASH
    -   VCL_return     lookup
    -   Hit            3
    -   VCL_call       HIT
    -   VCL_return     deliver
    -   RespProtocol   HTTP/1.1
    -   RespStatus     200
    -   RespReason     OK
    -   RespHeader     Server: nginx
    -   RespHeader     Content-Type: application/vnd.ez.api.Root+json
    -   RespHeader     X-Powered-By: PHP/7.0.1-dev
    -   RespHeader     Cache-Control: no-cache
    -   RespHeader     Date: Mon, 28 Dec 2015 18:00:03 GMT
    -   RespHeader     X-Cache-Debug: 1
    -   RespHeader     Vary: Cookie, Authorization
    -   RespHeader     X-UA-Compatible: IE=edge,chrome=1
    -   RespHeader     X-Content-Type-Options: nosniff
    -   RespHeader     X-XSS-Protection: 1; mode=block
    -   RespHeader     X-Frame-Options: sameorigin
    -   RespHeader     x-host: dev.loc
    -   RespHeader     x-url: /api/ezp/v2/
    -   RespHeader     X-Varnish: 65538 3
    -   RespHeader     Age: 10
    -   RespHeader     Via: 1.1 varnish-v4
    -   VCL_call       DELIVER
    -   RespHeader     X-Varnish-Cache: HIT
    -   RespHeader     X-Cache-Hits: 1
    -   RespUnset      Server: nginx
    -   RespUnset      X-Powered-By: PHP/7.0.1-dev
    -   RespUnset      X-Varnish: 65538 3
    -   RespUnset      Via: 1.1 varnish-v4
    -   RespUnset      x-host: dev.loc
    -   RespUnset      x-url: /api/ezp/v2/
    -   VCL_return     deliver
    -   Timestamp      Process: 1451325613.682826 0.000110 0.000110
    -   RespHeader     Accept-Ranges: bytes
    -   RespHeader     Content-Length: 4315
    -   Debug          "RES_MODE 2"
    -   RespHeader     Connection: close
    -   Timestamp      Resp: 1451325613.682866 0.000149 0.000040
    -   ReqAcct        537 0 537 417 4315 4732
    -   End           
    *   << Session  >> 65537    
    -   Begin          sess 0 HTTP/1
    -   SessOpen       127.0.0.1 52838 127.0.0.1:6081 127.0.0.1 6081 1451325613.682672 21
    -   Link           req 65538 rxreq
    -   SessClose      RESP_CLOSE 0.000
    -   End           
    *   << BeReq    >> 98307    
    -   Begin          bereq 98306 pass
    -   Timestamp      Start: 1451325613.759511 0.000000 0.000000
    -   BereqMethod    POST
    -   BereqURL       /api/ezp/v2/user/sessions
    -   BereqProtocol  HTTP/1.0
    -   BereqHeader    X-Real-IP: 10.10.1.17
    -   BereqHeader    X-Client-Verify: NONE
    -   BereqHeader    X-SSL-Client-Verify: NONE
    -   BereqHeader    X-Forwarded-Proto: https
    -   BereqHeader    HTTPS: on
    -   BereqHeader    Content-Length: 55
    -   BereqHeader    user-agent: Mozilla/5.0 (X11; Linux x86_64; rv:44.0) Gecko/20100101 Firefox/44.0
    -   BereqHeader    accept: application/vnd.ez.api.Session+json
    -   BereqHeader    accept-language: en-US,en;q=0.5
    -   BereqHeader    accept-encoding: gzip, deflate, br
    -   BereqHeader    dnt: 1
    -   BereqHeader    content-type: application/vnd.ez.api.SessionInput+json
    -   BereqHeader    referer: https://dev.loc/ez
    -   BereqHeader    cookie: eZSESSID98defd6ee70dfb1dea416cecdf391f58=aa63143334ee6969055a4480a92d6f52
    -   BereqHeader    X-Forwarded-For: 10.10.1.17, 127.0.0.1, 127.0.0.1
    -   BereqHeader    Host: dev.loc
    -   BereqHeader    X-Varnish: 98307
    -   VCL_call       BACKEND_FETCH
    -   VCL_return     fetch
    -   BackendOpen    24 boot.default 127.0.0.1 18130 127.0.0.1 58886
    -   Timestamp      Bereq: 1451325613.759673 0.000162 0.000162
    -   Timestamp      Beresp: 1451325613.842801 0.083290 0.083128
    -   BerespProtocol HTTP/1.1
    -   BerespStatus   401
    -   BerespReason   Unauthorized
    -   BerespHeader   Server: nginx
    -   BerespHeader   Content-Type: application/vnd.ez.api.ErrorMessage+json
    -   BerespHeader   Connection: close
    -   BerespHeader   X-Powered-By: PHP/7.0.1-dev
    -   BerespHeader   Cache-Control: private, must-revalidate
    -   BerespHeader   Date: Mon, 28 Dec 2015 18:00:13 GMT
    -   BerespHeader   X-Cache-Debug: 1
    -   BerespHeader   pragma: no-cache
    -   BerespHeader   expires: -1
    -   BerespHeader   Vary: Cookie
    -   BerespHeader   Vary: Authorization
    -   TTL            RFC -1 10 -1 1451325614 1451325614 1451325613 0 0
    -   VCL_call       BACKEND_RESPONSE
    -   TTL            VCL 120 10 0 1451325614
    -   VCL_return     deliver
    -   Storage        malloc Transient
    -   ObjProtocol    HTTP/1.1
    -   ObjStatus      401
    -   ObjReason      Unauthorized
    -   ObjHeader      Server: nginx
    -   ObjHeader      Content-Type: application/vnd.ez.api.ErrorMessage+json
    -   ObjHeader      X-Powered-By: PHP/7.0.1-dev
    -   ObjHeader      Cache-Control: private, must-revalidate
    -   ObjHeader      Date: Mon, 28 Dec 2015 18:00:13 GMT
    -   ObjHeader      X-Cache-Debug: 1
    -   ObjHeader      pragma: no-cache
    -   ObjHeader      expires: -1
    -   ObjHeader      Vary: Cookie, Authorization
    -   Fetch_Body     0 none -
    -   BackendClose   24 boot.default
    -   Timestamp      BerespBody: 1451325613.842884 0.083372 0.000082
    -   Length         0
    -   BereqAcct      651 55 706 310 0 310
    -   End           
    *   << Request  >> 98306    
    -   Begin          req 98305 rxreq
    -   Timestamp      Start: 1451325613.759430 0.000000 0.000000
    -   Timestamp      Req: 1451325613.759430 0.000000 0.000000
    -   ReqStart       127.0.0.1 52840
    -   ReqMethod      POST
    -   ReqURL         /api/ezp/v2/user/sessions
    -   ReqProtocol    HTTP/1.0
    -   ReqHeader      Host: dev.loc
    -   ReqHeader      X-Real-IP: 10.10.1.17
    -   ReqHeader      X-Forwarded-For: 10.10.1.17
    -   ReqHeader      X-Client-Verify: NONE
    -   ReqHeader      X-SSL-Client-Verify: NONE
    -   ReqHeader      X-Forwarded-Proto: https
    -   ReqHeader      HTTPS: on
    -   ReqHeader      Connection: close
    -   ReqHeader      Content-Length: 55
    -   ReqHeader      user-agent: Mozilla/5.0 (X11; Linux x86_64; rv:44.0) Gecko/20100101 Firefox/44.0
    -   ReqHeader      accept: application/vnd.ez.api.Session+json
    -   ReqHeader      accept-language: en-US,en;q=0.5
    -   ReqHeader      accept-encoding: gzip, deflate, br
    -   ReqHeader      dnt: 1
    -   ReqHeader      content-type: application/vnd.ez.api.SessionInput+json
    -   ReqHeader      referer: https://dev.loc/ez
    -   ReqHeader      cookie: eZSESSID98defd6ee70dfb1dea416cecdf391f58=aa63143334ee6969055a4480a92d6f52
    -   ReqUnset       X-Forwarded-For: 10.10.1.17
    -   ReqHeader      X-Forwarded-For: 10.10.1.17, 127.0.0.1
    -   VCL_call       RECV
    -   ReqUnset       X-Forwarded-For: 10.10.1.17, 127.0.0.1
    -   ReqHeader      X-Forwarded-For: 10.10.1.17, 127.0.0.1, 127.0.0.1
    -   ReqUnset       Host: dev.loc
    -   ReqHeader      Host: dev.loc
    -   ReqURL         /api/ezp/v2/user/sessions
    -   VCL_return     pass
    -   VCL_call       HASH
    -   VCL_return     lookup
    -   VCL_call       PASS
    -   VCL_return     fetch
    -   Link           bereq 98307 pass
    -   Timestamp      ReqBody: 1451325613.759665 0.000235 0.000235
    -   Timestamp      Fetch: 1451325613.842913 0.083483 0.083248
    -   RespProtocol   HTTP/1.1
    -   RespStatus     401
    -   RespReason     Unauthorized
    -   RespHeader     Server: nginx
    -   RespHeader     Content-Type: application/vnd.ez.api.ErrorMessage+json
    -   RespHeader     X-Powered-By: PHP/7.0.1-dev
    -   RespHeader     Cache-Control: private, must-revalidate
    -   RespHeader     Date: Mon, 28 Dec 2015 18:00:13 GMT
    -   RespHeader     X-Cache-Debug: 1
    -   RespHeader     pragma: no-cache
    -   RespHeader     expires: -1
    -   RespHeader     Vary: Cookie, Authorization
    -   RespHeader     X-Varnish: 98306
    -   RespHeader     Age: 0
    -   RespHeader     Via: 1.1 varnish-v4
    -   VCL_call       DELIVER
    -   RespHeader     X-Varnish-Cache: MISS
    -   RespHeader     X-Cache-Hits: 0
    -   RespUnset      Server: nginx
    -   RespUnset      X-Powered-By: PHP/7.0.1-dev
    -   RespUnset      X-Varnish: 98306
    -   RespUnset      Via: 1.1 varnish-v4
    -   VCL_return     deliver
    -   Timestamp      Process: 1451325613.842951 0.083520 0.000038
    -   RespHeader     Content-Length: 0
    -   Debug          "RES_MODE 2"
    -   RespHeader     Connection: close
    -   Timestamp      Resp: 1451325613.842975 0.083544 0.000024
    -   ReqAcct        630 55 685 327 0 327
    -   End           
    *   << Session  >> 98305    
    -   Begin          sess 0 HTTP/1
    -   SessOpen       127.0.0.1 52840 127.0.0.1:6081 127.0.0.1 6081 1451325613.759383 22
    -   Link           req 98306 rxreq
    -   SessClose      RESP_CLOSE 0.084
    -   End           
I've verified the mis-behavior with both "~ 1.0.0" and "dev-master" branch installs.
1st, any hints as to how/where to further diagnose this?

Wednesday 30 December 2015 4:08:25 pm

Hi,
could you try to log in via the frontend on /login?
There it is a plain Symfony app, so you can enable the Symfony dev env, for instance, to debug further if it still does not work.
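
An added example, not part of the original thread: a small Python reader for varnishlog output like that in the question, reporting per client request whether a cookie the client sent survived the VCL and whether a cache hit was delivered. The sample is a constructed, shortened excerpt of the posted log (cookie name and value abbreviated); `summarize` and `stripped_and_cached` are hypothetical helper names.

```python
import re

# Constructed sample: a shortened excerpt of the varnishlog output posted above.
SAMPLE = """\
*   << Request  >> 65538
-   ReqURL         /api/ezp/v2/
-   ReqHeader      cookie: eZSESSID98=aa63
-   VCL_call       RECV
-   ReqUnset       cookie: eZSESSID98=aa63
-   ReqHeader      Cookie:
-   ReqUnset       Cookie:
-   VCL_return     hash
-   Hit            3
-   RespStatus     200
*   << Request  >> 98306
-   ReqURL         /api/ezp/v2/user/sessions
-   ReqHeader      cookie: eZSESSID98=aa63
-   VCL_call       RECV
-   VCL_return     pass
-   RespStatus     401
"""

def summarize(log):
    """One dict per client Request: cookie sent, cookie left after VCL, recv action, hit."""
    out = []
    for block in re.split(r"(?m)^(?=[ \t]*\*)", log):
        head = re.search(r"<<\s*Request\s*>>\s*(\d+)", block)
        if not head:  # Session and BeReq records are skipped
            continue
        tx = {"vxid": int(head.group(1)), "sent": False, "cookie": None, "recv": None, "hit": False}
        for tag, val in re.findall(r"(?m)^[ \t]*-[ \t]+(\S+)[ \t]*(.*?)[ \t]*$", block):
            name, _, value = val.partition(":")
            if tag in ("ReqURL", "RespStatus"):
                tx[tag] = val
            elif tag == "VCL_return" and tx["recv"] is None:
                tx["recv"] = val  # the first VCL_return is the vcl_recv decision
            elif tag == "Hit":
                tx["hit"] = True
            elif tag == "ReqHeader" and name.lower() == "cookie":
                tx["cookie"] = value.strip() or None
                tx["sent"] = tx["sent"] or tx["cookie"] is not None
            elif tag == "ReqUnset" and name.lower() == "cookie":
                tx["cookie"] = None
        out.append(tx)
    return out

def stripped_and_cached(log):
    """vxids where a cookie was sent, none survived the VCL, and a cache hit was delivered."""
    return [t["vxid"] for t in summarize(log) if t["sent"] and not t["cookie"] and t["hit"]]
```

On the posted log this separates the two requests: the GET to /api/ezp/v2/ lost its cookie in the VCL and was answered from cache, while the POST to /api/ezp/v2/user/sessions was passed with the cookie intact and the 401 came from the backend (`BerespStatus 401`).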
