It seems you are using HTTPS proxy, and according to what you have described this proxy is misconfigured
You need to proxy both HTTP and WebSockets (CSRF protection will also work) Here is an example https://stackoverflow.com/questions/51721771/apache-openmeetings-4-0-4-csrf-attack-when-using-apache2-as-proxypass (please check my answer :))) On Fri, 24 Jan 2020 at 17:14, <[email protected]> wrote: > Hi together, > > > > I am using M3 in my local net (Ubuntu 18.04) without problems, configured > on port 443 with the included self-signed certificate. > > My provider granted Internet access by opening port 443. > > > > The official SSL-certificate is also stored in the provider’s firewall > referring to my local server. > E.g. public URL: https://om5.mydomain.example pointing to local URL > https://192.168.1.100 > > > > The first problem (CSRF detection) has been solved by deactivating this > kind of detection. > > Now I can sign from the public URL, but get stuck after successfully > completed sign in procedure. > > > > I can see the rolling balls and the Chat section at the bottom of the > browser, nothing else. > > The Catalina log shows > > > > DEBUG 01-24 10:41:27.883 o.a.o.d.d.u.UserDao:623 [-nio-443-exec-2] - > login:: 1 users were found > > DEBUG 01-24 10:41:28.588 o.a.o.d.u.AuthLevelUtil:40 [-nio-443-exec-2] - > Level Login :: [GRANTED] > > DEBUG 01-24 10:41:28.589 o.a.o.d.d.u.UserDao:640 [-nio-443-exec-2] - > login user groups [GroupUser [id=1, moderator=false, group=Group [id=1, > name=mydomain.example, deleted=false], user=User [id=1, > firstname=firstname, lastname=lastname, login=mylogin, pictureuri=null, > deleted=false, languageId=1, address=Address [id=1, country=DE, > street=null, town=null, zip=null, deleted=false, [email protected], > phone=null], externalId=null, type=user]]] > > DEBUG 01-24 10:41:28.595 o.a.o.d.u.AuthLevelUtil:40 [-nio-443-exec-2] - > Level Admin :: [GRANTED] > > DEBUG 01-24 10:41:28.738 o.a.o.w.p.MainPage:64 [nio-443-exec-10] - > MainPage::delayedLoad > > DEBUG 01-24 10:41:28.745 o.a.o.d.u.AuthLevelUtil:40 [nio-443-exec-10] - > Level Admin :: [GRANTED] > > DEBUG 01-24 10:41:28.752 o.a.o.d.u.AuthLevelUtil:40 [nio-443-exec-10] - > Level Admin :: [GRANTED] > > DEBUG 01-24 10:41:28.753 o.a.o.d.u.AuthLevelUtil:40 [nio-443-exec-10] - > Level Admin :: [GRANTED] > > DEBUG 01-24 10:41:29.829 o.a.o.w.p.MainPage:99 [-nio-443-exec-7] - > MainPage::onParameterArrival > > DEBUG 01-24 10:41:29.861 o.a.o.w.p.MainPage:50 [-nio-443-exec-4] - > MainPage::areaBehavior > > DEBUG 01-24 10:41:29.939 o.a.o.w.c.MainPanel:398 [-nio-443-exec-4] - > updateContents:: npanels IS null ? false, client IS null ? true > > DEBUG 01-24 10:42:55.946 o.a.o.s.q.s.ReminderJob:93 [Bean#0_Worker-1] - > Rss disabled by Admin > > > > If I login into my local net I can see “WebSocket PINGs” all 30secs even > if I narrow down my local Linux firewall on the server to port 443. > > So, it seems that no additional port is required for websocket in the > firewall. Maybe I am wrong. > > > > Any hints appreciated. > > Thanks in advance, > > Markus > -- WBR Maxim aka solomax
