OpenEMM Technical Support Forum

The purpose of these forums is to get and give free technical support for OpenEMM. Spammers and their posts will be removed without prior warning.
https://iframe.agnitas.de/

disconnection web interface

https://iframe.agnitas.de/viewtopic.php?t=2573

Page 1 of 1

disconnection web interface

Posted: Fri Jun 28, 2013 9:39 am
by damien.mathieu
Hi everybody

I have a problem with openemm web interface. My users are victim of diconnection when are using of openemm. It very current (once or twice per minute).

In the log :

Code: Select all

ERROR [http-8080-12] org.agnitas.util.AgnUtils - no admin found in request session data
and more rarely :

Code: Select all

org.agnitas.web.filter.SessionHijackingPreventionFilter - IP addresses does not match - invalidating session 98BBEB6E0C9150F232C3E642112FCC5E (session: 82.244.165.223, client: 150.70.173.46)
Thank you for your help.

Re: disconnection web interface

Posted: Tue Jul 02, 2013 7:11 am
by mdoerschmidt
Hi Damien,

the problem here is, that requests with same session ID came from different IP addresses. Maybe your users are behind proxies. You can either add affected IP addresses to a whitelist, or remove the entire filter from filter chain.

In WEB-INF/web.xml the filter is defined like that:

Code: Select all

	<filter>
		<filter-name>SessionHijackingPreventionFilter</filter-name>
		<filter-class>org.agnitas.web.filter.SessionHijackingPreventionFilter</filter-class>
		<init-param>
			<param-name>ip-whitelist</param-name>
			<param-value>127.0.0.1</param-value>
		</init-param>
	</filter>
	<filter-mapping>
		<filter-name>SessionHijackingPreventionFilter</filter-name>
		<url-pattern>/*</url-pattern>
	</filter-mapping>
The IP whitelist is a comma-separated list of IP addresses, so you can simply add affected IP addresses. (Note, that you have to list each IP address. IP ranges or net masks are not supported).
If you want to disable the filter, remove the <filter-mapping> section for SessionHihackingPreventionFilter.


Best regards,

Markus

Re: disconnection web interface

Posted: Wed Jul 24, 2013 8:14 am
by Schnix
Hi,

I still have the same problem, although I added my IP to the whitelist and after that deleted the <filter-mapping> section for SessionHihackingPreventionFilter.

Code: Select all

ERROR [http-8080-3] org.agnitas.util.AgnUtils - no admin found in request session data
Thanks.

Stefan
All times are UTC+01:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited