disconnection web interface

Use this forum to report bugs and to check for bugfixes and new releases of OpenEMM

Moderator: moderator

disconnection web interface

Postby damien.mathieu » Fri Jun 28, 2013 9:39 am

Hi everybody

I have a problem with openemm web interface. My users are victim of diconnection when are using of openemm. It very current (once or twice per minute).

In the log :

Code: Select all
ERROR [http-8080-12] org.agnitas.util.AgnUtils - no admin found in request session data


and more rarely :


Code: Select all
org.agnitas.web.filter.SessionHijackingPreventionFilter - IP addresses does not match - invalidating session 98BBEB6E0C9150F232C3E642112FCC5E (session: 82.244.165.223, client: 150.70.173.46)


Thank you for your help.
damien.mathieu
 
Posts: 3
Joined: Wed Jun 19, 2013 1:17 pm

Re: disconnection web interface

Postby mdoerschmidt » Tue Jul 02, 2013 7:11 am

Hi Damien,

the problem here is, that requests with same session ID came from different IP addresses. Maybe your users are behind proxies. You can either add affected IP addresses to a whitelist, or remove the entire filter from filter chain.

In WEB-INF/web.xml the filter is defined like that:

Code: Select all
   <filter>
      <filter-name>SessionHijackingPreventionFilter</filter-name>
      <filter-class>org.agnitas.web.filter.SessionHijackingPreventionFilter</filter-class>
      <init-param>
         <param-name>ip-whitelist</param-name>
         <param-value>127.0.0.1</param-value>
      </init-param>
   </filter>
   <filter-mapping>
      <filter-name>SessionHijackingPreventionFilter</filter-name>
      <url-pattern>/*</url-pattern>
   </filter-mapping>


The IP whitelist is a comma-separated list of IP addresses, so you can simply add affected IP addresses. (Note, that you have to list each IP address. IP ranges or net masks are not supported).
If you want to disable the filter, remove the <filter-mapping> section for SessionHihackingPreventionFilter.


Best regards,

Markus
mdoerschmidt
 
Posts: 19
Joined: Fri Jan 04, 2013 8:55 am

Re: disconnection web interface

Postby Schnix » Wed Jul 24, 2013 8:14 am

Hi,

I still have the same problem, although I added my IP to the whitelist and after that deleted the <filter-mapping> section for SessionHihackingPreventionFilter.

Code: Select all
ERROR [http-8080-3] org.agnitas.util.AgnUtils - no admin found in request session data


Thanks.

Stefan
Schnix
 
Posts: 1
Joined: Wed Jul 24, 2013 7:47 am


Return to Bugs, bug fixes & releases

Who is online

Users browsing this forum: No registered users and 1 guest