This repository has been archived by the owner on Mar 17, 2024. It is now read-only.

Invalid account name or password #11

Open
tristan-k opened this issue Apr 3, 2013 · 14 comments

@tristan-k

Until recently my FSyncMS server at all-inkl.com was running without any difficulties, but since last week it has stopped working. A yellow status bar at the bottom of the browser complains about a synchronization error and an "Invalid account name or password" ("Ungültiger Benutzerkonto-Name oder Passwort"). I have already created a new MySQL database and uploaded the files again. No success. I don't understand the problem. It can't be down to my settings.

Here are the logs from about:sync-log:

https://gist.github.com/LaTristesse/5298858

I would appreciate any help.

@dmnk

dmnk commented May 11, 2013

hi,
i think i've traced it down to weave_utils.php, function verify_user($url_user, $db), and the fact that the apache of my web-host seems to strip the Authorization header.
it's included in the request that firefox generates, but missing in the $_SERVER array (as decoded PHP_AUTH_USER, ...) and even after the cgi/fcgi if/elseif block the $auth_str var is empty.
according to http://stackoverflow.com/questions/4713237/server-removes-custom-http-header-fields it seems to be a "known security feature" of apache, if php is set-up as cgi.

@dmnk

dmnk commented May 11, 2013

http://planetozh.com/blog/2009/04/http-authentication-on-php-as-cgi-like-dreamhost/
nice idea, but requires a working .htaccess ;)

.htaccess part:

RewriteEngine on
RewriteRule .* - [E=REDIRECT_REMOTE_USER:%{HTTP:Authorization},L]

php-part:
// limit 2: split at the first ':' only, because the password may contain ':'
list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) =
explode(':', base64_decode(substr($_SERVER['REDIRECT_REMOTE_USER'], 6)), 2);

@tristan-k
Author

Thanks for your efforts, but I don't get the php-part. Which lines do I have to change?

@dmnk

dmnk commented May 12, 2013

right now i'm not that far.
at least i discovered that the rewrite rule above doesn't seem to work on my webspace, but

RewriteCond %{HTTP:Authorization} !^$
RewriteRule ^index.php$ index.php?HTTP_AUTH=%{HTTP:Authorization}

seems to do the trick of passing the header as get argument.

an additional

$auth_str = base64_decode(substr($_GET['login'],6) );
list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':', $auth_str);

above $auth_user = array_key_exists('PHP_AUTH_USER', $_SERVER) ? $_SERVER['PHP_AUTH_USER'] : null;
should do the trick, but i think i've messed up the code somewhere else, as this is not working.
and you should be aware that this might put the "kind of cleartext" password (base64 isn't an encryption, just a transformation) in the access logs of your webhost.
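
dmnk's caveat about access logs can be checked directly. This added example (not from the thread and not FSyncMS code) scans log lines for the `HTTP_AUTH` and `HTTP_AUTHORIZATION` query parameters used by the rewrite rules in this thread and lists the affected user names; the function name and the sample log lines are constructed, and whether such entries exist at all depends on what the host logs.

```php
<?php
// Added example, not FSyncMS code. The parameter names come from the rewrite
// rules in this thread; the log lines at the bottom are constructed samples.

/**
 * Return the distinct user names whose Basic credentials show up in the
 * query string of the given log lines. Passwords are never returned.
 */
function users_exposed_in_log(array $lines): array
{
    // HTTP_AUTH=... or HTTP_AUTHORIZATION=..., followed by "Basic", a space
    // (raw, "+" or "%20") and the possibly percent-encoded base64 token.
    $pattern = '/[?&]HTTP_AUTH(?:ORIZATION)?=Basic(?:%20|\+| )([A-Za-z0-9+\/=%]+)/i';
    $users = [];
    foreach ($lines as $line) {
        if (!preg_match_all($pattern, $line, $hits)) {
            continue;
        }
        foreach ($hits[1] as $token) {
            // Strict mode returns false for anything that is not valid base64.
            $decoded = base64_decode(rawurldecode($token), true);
            if ($decoded === false || strpos($decoded, ':') === false) {
                continue;
            }
            // Keep only the part before the first ':' (the user name).
            $users[explode(':', $decoded, 2)[0]] = true;
        }
    }
    // PHP turns numeric-looking array keys into integers; return strings.
    return array_map('strval', array_keys($users));
}

// Constructed credentials and log lines, for illustration only.
$token = base64_encode('alice:s3cr:et');
$sample = [
    '203.0.113.7 - - [16/Aug/2013:10:00:00 +0200] "GET /FSyncMS/index.php?HTTP_AUTHORIZATION=Basic%20'
        . rawurlencode($token) . ' HTTP/1.1" 200 512',
    '203.0.113.7 - - [16/Aug/2013:10:00:05 +0200] "GET /FSyncMS/index.php/1.1/alice/info/collections HTTP/1.1" 401 0',
];
print_r(users_exposed_in_log($sample));
```

Any user name this reports has had its password written to the log in reversible form, so that password should be changed and the log file's retention and access reviewed.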

@piotr-cz

@dmnk's code helped me out:

  • .htaccess:
<IfModule mod_rewrite.c>
    RewriteEngine on
    RewriteRule .* - [E=REDIRECT_REMOTE_USER:%{HTTP:Authorization},L]
</IfModule>
  • PHP:
// limit 2: split at the first ':' only, because the password may contain ':'
list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':', base64_decode(substr($_SERVER['REDIRECT_REMOTE_USER'], 6)), 2);

I think there's nothing wrong in supplying a .htaccess file in the distribution, its support is standard now.

Anyway I can't make Sync in Firefox for Android even connect to https server (checked with file_put_contents('FSyncMS-dbg.txt', 'pass'))

@Trellmor
Contributor

No PHP change necessary if you use one of the already checked headers from weave-utils.php instead of REDIRECT_REMOTE_USER

@FrogThomas

Has anyone found a solution to this problem? I'm trying to set up my FSyncMS Server. Unfortunately I have the same problem (wrong username/password) as described above.

My Error-Log looks like this (it's similar to the one LaTristesse posted earlier):

1376397821037   Sync.Service    INFO    Loading Weave 1.24.0
1376397821039   Sync.Tracker.Clients    WARN    Changed IDs file clients contains non-object value.
1376397821040   Sync.Engine.Clients DEBUG   Engine initialized
1376397821042   Sync.Engine.Clients DEBUG   Resetting clients last sync time
1376397821050   Sync.Tracker.Bookmarks  WARN    Changed IDs file bookmarks contains non-object value.
1376397821050   Sync.Engine.Bookmarks   DEBUG   Engine initialized
1376397821055   Sync.Engine.Forms   DEBUG   Engine initialized
1376397821061   Sync.Engine.History DEBUG   Engine initialized
1376397821065   Sync.Tracker.Passwords  WARN    Changed IDs file passwords contains non-object value.
1376397821065   Sync.Engine.Passwords   DEBUG   Engine initialized
1376397821069   Sync.Engine.Prefs   DEBUG   Engine initialized
1376397821074   Sync.Engine.Tabs    DEBUG   Engine initialized
1376397821076   Sync.Engine.Tabs    DEBUG   Resetting tabs last sync time
1376397821084   Sync.Tracker.Addons WARN    Changed IDs file addons contains non-object value.
1376397821084   Sync.Engine.Addons  DEBUG   Engine initialized
1376397821085   Sync.Service    INFO    Mozilla/5.0 (Windows NT 6.1; WOW64; rv:22.0) Gecko/20100101 Firefox/22.0
1376397821090   Sync.SyncScheduler  DEBUG   Clearing sync triggers and the global score.
1376397821092   Sync.Status DEBUG   Status.login: error.login.reason.no_username => error.login.reason.no_username
1376397821092   Sync.Status DEBUG   Status.service: service.client_not_configured => service.client_not_configured
1376397821092   Sync.Status DEBUG   Status.login: error.login.reason.no_username => error.login.reason.no_username
1376397821092   Sync.Status DEBUG   Status.service: service.client_not_configured => service.client_not_configured
1376397821156   Sync.Status DEBUG   Status.login: error.login.reason.no_username => error.login.reason.no_username
1376397821156   Sync.Status DEBUG   Status.service: service.client_not_configured => service.client_not_configured
1376397821158   Sync.Tracker.AdblockPlus    WARN    Changed IDs file adblockplus contains non-object value.
1376397821158   Sync.Tracker.AdblockPlus.private    WARN    Changed IDs file adblockplus.private contains non-object value.
1376397821159   Sync.Engine.AdblockPlus DEBUG   Engine initialized
1376397821160   Sync.Status DEBUG   Status.login: error.login.reason.no_username => error.login.reason.no_username
1376397821160   Sync.Status DEBUG   Status.service: service.client_not_configured => service.client_not_configured
1376397849489   Sync.Status INFO    Resetting Status.
1376397849489   Sync.Status DEBUG   Status.service: service.client_not_configured => success.status_ok
1376397849489   Sync.Identity   INFO    Sync Key has no value. Deleting.
1376397849489   Sync.Status DEBUG   Status.login: success.login => error.login.reason.no_recoverykey
1376397849490   Sync.Status DEBUG   Status.service: success.status_ok => service.client_not_configured
1376397849490   Sync.Status DEBUG   Status.login: error.login.reason.no_recoverykey => error.login.reason.no_username
1376397849490   Sync.Status DEBUG   Status.service: service.client_not_configured => service.client_not_configured
1376397849491   Sync.SyncScheduler  DEBUG   Clearing sync triggers and the global score.
1376397849492   Sync.Service    DEBUG   Skipping client data removal: no cluster URL.
1376397849492   Sync.Service    INFO    Service reset.
1376397849493   Sync.Engine.Clients DEBUG   Resetting clients last sync time
1376397849495   Sync.Engine.Bookmarks   DEBUG   Resetting bookmarks last sync time
1376397849496   Sync.Engine.Forms   DEBUG   Resetting forms last sync time
1376397849497   Sync.Engine.History DEBUG   Resetting history last sync time
1376397849498   Sync.Engine.Passwords   DEBUG   Resetting passwords last sync time
1376397849499   Sync.Engine.Prefs   DEBUG   Resetting prefs last sync time
1376397849500   Sync.Engine.Tabs    DEBUG   Resetting tabs last sync time
1376397849503   Sync.Engine.Addons  DEBUG   Resetting addons last sync time
1376397849504   Sync.Engine.AdblockPlus DEBUG   Resetting adblockplus last sync time
1376397849505   Sync.CollectionKeyManager   INFO    Clearing collection keys...
1376398310889   Sync.Status DEBUG   Status.login: error.login.reason.no_username => error.login.reason.no_username
1376398310890   Sync.Status DEBUG   Status.service: service.client_not_configured => service.client_not_configured
1376398315614   Sync.Status DEBUG   Status.login: error.login.reason.no_username => error.login.reason.no_username
1376398315614   Sync.Status DEBUG   Status.service: service.client_not_configured => service.client_not_configured
1376398539094   Sync.Status DEBUG   Status.login: error.login.reason.no_username => error.login.reason.no_username
1376398539094   Sync.Status DEBUG   Status.service: service.client_not_configured => service.client_not_configured
1376398597520   Sync.Identity   INFO    Username changed. Removing stored credentials.
1376398597520   Sync.Identity   INFO    Basic password has no value. Removing.
1376398597520   Sync.Identity   INFO    Sync Key has no value. Deleting.
1376398611040   Sync.UserAPI    INFO    Create account response: 200 "xxxjvodcs5uc432xxxad6ilx4xgiwxxx"
1376398611041   Sync.Identity   INFO    Basic password being updated.
1376398611042   Sync.Identity   INFO    Sync Key being updated.
1376398611045   Sync.SyncKeyBundle  INFO    SyncKeyBundle being created.
1376398611052   Sync.Identity   DEBUG   Updating saved password for xxxjvodcs5uc432xxxad6ilx4xgiwxxx in Mozilla Services Password
1376398611072   Sync.Identity   DEBUG   Updating saved password for xxxjvodcs5uc432xxxad6ilx4xgiwxxx in Mozilla Services Encryption Passphrase
1376398611085   Sync.Status DEBUG   Status.service: service.client_not_configured => success.status_ok
1376398611086   Sync.Status DEBUG   Status.service: success.status_ok => success.status_ok
1376398611101   Sync.Status DEBUG   Status.service: success.status_ok => success.status_ok
1376398611101   Sync.AddonsReconciler   INFO    Registering as Add-on Manager listener.
1376398611102   Sync.AddonsReconciler   DEBUG   Adding change listener.
1376398611255   Sync.Service    DEBUG   User-Agent: Firefox/22.0 FxSync/1.24.0.20130618035212.
1376398611255   Sync.Service    INFO    Starting sync at 2013-08-13 14:56:51
1376398611256   Sync.Service    DEBUG   In sync: should login.
1376398611257   Sync.Status DEBUG   Status.service: success.status_ok => success.status_ok
1376398611257   Sync.Status DEBUG   Status.service: success.status_ok => success.status_ok
1376398611257   Sync.Service    INFO    Logging in user xxxjvodcs5uc432xxxad6ilx4xgiwxxx
1376398611257   Sync.Service    DEBUG   Finding cluster for user xxxjvodcs5uc432xxxad6ilx4xgiwxxx
1376398611421   Sync.Resource   DEBUG   mesg: GET success 200 https://www.domain.tld/FSyncMS/index.php/user/1.0/xxxjvodcs5uc432xxxad6ilx4xgiwxxx/node/weave
1376398611421   Sync.Resource   DEBUG   GET success 200 https://www.domain.tld/FSyncMS/index.php/user/1.0/xxxjvodcs5uc432xxxad6ilx4xgiwxxx/node/weave
1376398611421   Sync.Service    DEBUG   Cluster value = https://www.domain.tld/FSyncMS/index.php/
1376398611421   Sync.Service    DEBUG   Setting cluster to https://www.domain.tld/FSyncMS/index.php/
1376398611422   Sync.Service    DEBUG   Caching URLs under storage user base: https://www.domain.tld/FSyncMS/index.php/1.1/xxxjvodcs5uc432xxxad6ilx4xgiwxxx/
1376398611582   Sync.Resource   DEBUG   mesg: GET fail 401 https://www.domain.tld/FSyncMS/index.php/1.1/xxxjvodcs5uc432xxxad6ilx4xgiwxxx/info/collections
1376398611582   Sync.Resource   DEBUG   GET fail 401 https://www.domain.tld/FSyncMS/index.php/1.1/xxxjvodcs5uc432xxxad6ilx4xgiwxxx/info/collections
1376398611583   Sync.Service    WARN    401: login failed.
1376398611583   Sync.Service    DEBUG   Finding cluster for user xxxjvodcs5uc432xxxad6ilx4xgiwxxx
1376398611694   Sync.Resource   DEBUG   mesg: GET success 200 https://www.domain.tld/FSyncMS/index.php/user/1.0/xxxjvodcs5uc432xxxad6ilx4xgiwxxx/node/weave
1376398611694   Sync.Resource   DEBUG   GET success 200 https://www.domain.tld/FSyncMS/index.php/user/1.0/xxxjvodcs5uc432xxxad6ilx4xgiwxxx/node/weave
1376398611694   Sync.Service    DEBUG   Cluster value = https://www.domain.tld/FSyncMS/index.php/
1376398611695   Sync.Status DEBUG   Status.login: error.login.reason.no_username => error.login.reason.account
1376398611695   Sync.Status DEBUG   Status.service: success.status_ok => error.login.failed
1376398611697   Sync.SyncScheduler  DEBUG   Clearing sync triggers and the global score.

@Trellmor
Contributor

If you are on Apache + php as some sort of cgi add this .htaccess

<IfModule mod_rewrite.c>
    RewriteEngine on
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
</IfModule>

@FrogThomas

WOW - this did the trick. Thanks a lot!

@dmnk

dmnk commented Aug 16, 2013

Since some apache configurations are even more problematic (including the one i have to struggle with), i came up with the following solution:
.htaccess
RewriteEngine on
RewriteCond %{HTTP:Authorization} !^$
RewriteRule index.php index.php?HTTP_AUTHORIZATION=%{HTTP:Authorization} [QSA,L]

weave_utils.php
add to the CGI/FCGI auth workarounds

else if (array_key_exists('HTTP_AUTHORIZATION', $_GET)) {
    $auth_str = $_GET['HTTP_AUTHORIZATION'];
}
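
The workarounds in this thread all come down to recovering the stripped Authorization header from some server variable. As an added example (not part of the thread and not FSyncMS's own code), here is one way to read Basic credentials from the variables named above without passing them through the query string; the function name and the order in which the keys are tried are assumptions.

```php
<?php
// Added example, not FSyncMS code. The list of $_SERVER keys is an assumption
// drawn from the variables named in this thread.

/**
 * Return [user, password] from HTTP Basic credentials, or null if none
 * of the known server variables holds a usable value.
 */
function basic_credentials(array $server): ?array
{
    // mod_php, and CGI setups that pass the header through, fill these in.
    if (isset($server['PHP_AUTH_USER'])) {
        return [$server['PHP_AUTH_USER'], $server['PHP_AUTH_PW'] ?? ''];
    }

    // Variables that a rule such as [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
    // can populate; Apache adds the REDIRECT_ prefix after an internal redirect.
    $keys = ['HTTP_AUTHORIZATION', 'REDIRECT_HTTP_AUTHORIZATION', 'REDIRECT_REMOTE_USER'];
    foreach ($keys as $key) {
        if (empty($server[$key])) {
            continue;
        }
        // Require the "Basic" scheme instead of blindly skipping six bytes.
        if (!preg_match('/^Basic\s+(\S+)\s*$/i', $server[$key], $m)) {
            continue;
        }
        // Strict mode rejects characters outside the base64 alphabet.
        $decoded = base64_decode($m[1], true);
        if ($decoded === false || strpos($decoded, ':') === false) {
            continue;
        }
        // Limit 2: the password may contain ':', the user name may not.
        return explode(':', $decoded, 2);
    }
    return null;
}

// Constructed samples: a password containing ':', a non-Basic scheme, no header.
$sample = ['REDIRECT_HTTP_AUTHORIZATION' => 'Basic ' . base64_encode('alice:s3cr:et')];
var_dump(basic_credentials($sample));
var_dump(basic_credentials(['HTTP_AUTHORIZATION' => 'Bearer abc']));
var_dump(basic_credentials([]));
```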

@bockwurst25

Hi,

has anyone an idea for nginx? i have the same problem with username or password. i tried the htaccess trick and added the workarounds, but nothing worked for me.

@bockwurst25

ok, found another solution that works, but thanks for the good work

@jochen35

And what is the solution? I've tried all the tips, but I do not get it to work.

@bockwurst25

I have installed OwnCloud on my server too. There is a Firefox Sync plugin for OwnCloud, this works perfectly for me. http://apps.owncloud.com/content/show.php?content=161793
