Found the solution, posted it on the thread I started (https://groups.google.com/forum/?fromgroups=#!topic/foreman-users/OeOvX_IBkcw):
Foreman uses a few tokens to encrypt things. There are two important ones when building a cluster of Foreman servers: - $foreman_home/config/initializers/encryption_key.rb - this is for encrypting/decrypting passwords in the DB. This wasn't my issue. - $foreman_home/tmp/secret_token.rb - this is used to sign any cookies, and this *was* my issue. Changing that to have the same key across all my servers seems to have fixed the issue. On Tuesday, May 10, 2016 at 2:10:42 AM UTC-4, Chris Baldwin wrote: > > Did you guys ever find a solution to this? > > On Friday, November 6, 2015 at 2:20:56 PM UTC-5, Christopher Pisano wrote: >> >> Hey Matt. I started seeing this when I added a third node to my Foreman >> cluster behind my load balancer. When doing further research it looks as if >> the third node doesn't get a session_id when requests are sent to it thus >> bringing you to the login screen. When trying to log back in I get the same >> error you do. I think the root problem is the third node not getting the >> session_id (in my case) but I don't know how to fix it. >> >> On Thursday, August 27, 2015 at 5:27:00 AM UTC-4, Matt Jarvis wrote: >>> >>> Hello all, >>> >>> We're trying to build out an HA Foreman platform, with two Foreman >>> servers behind HAProxy, using a shared database with an external DNS name >>> that points to the HAProxy endpoint. This is all HTTPS. I've installed the >>> Foreman memcache plugin, with a memcached instance running on each Foreman >>> server, but when I try to login using the external DNS name ie. via the >>> load balancer, I get ERF42-4995 [Foreman::Exception]: Invalid >>> authenticity token with WARNING: Can't verify CSRF token authenticity >>> in the logs. Logging in via either of the two Foreman servers directly >>> works fine. The configuration in foreman_memcache.yaml looks like : >>> >>> :memcache: >>> :hosts: >>> - foreman0.core.sal01.datacentred.co.uk >>> - foreman1.core.sal01.datacentred.co.uk >>> :options: >>> :namespace: foreman >>> :expires_in: 86400 >>> :compress: true >>> >>> Logging in via the loadbalancer works correctly without the memcache >>> plugin running. >>> >>> Any ideas what could be going wrong here ? >>> >>> -- You received this message because you are subscribed to the Google Groups "Foreman users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/foreman-users. For more options, visit https://groups.google.com/d/optout.
