According to my understanding these 2 lines: The official SSL-certificate is also stored in the provider’s firewall referring to my local server. E.g. public URL: https://om5.mydomain.example pointing to local URL https://192.168.1.100
means you are using proxy (even if it is configured by your provider) if not - please provide more details :) On Sun, 26 Jan 2020 at 20:44, <[email protected]> wrote: > Thank you for your hint, but I am not using a proxy like Apapche. > My Tomcat is configured on port 443, nothing in between. This port is > opened in the firewall for https-connections, no other ports or protocols. > > As mentioned the CSRF problem is already solved but I am still facing the > rolling ball after successful login. > *Gesendet:* Freitag, 24. Januar 2020 um 11:22 Uhr > *Von:* "Maxim Solodovnik" <[email protected]> > *An:* "Openmeetings user-list" <[email protected]> > *Betreff:* Re: M3 shows rolling balls and the chat section, nothing else > It seems you are using HTTPS proxy, > and according to what you have described this proxy is misconfigured > > You need to proxy both HTTP and WebSockets (CSRF protection will also work > ) > Here is an example > > https://stackoverflow.com/questions/51721771/apache-openmeetings-4-0-4-csrf-attack-when-using-apache2-as-proxypass > (please check my answer :))) > > On Fri, 24 Jan 2020 at 17:14, <[email protected]> wrote: > >> Hi together, >> >> >> >> I am using M3 in my local net (Ubuntu 18.04) without problems, configured >> on port 443 with the included self-signed certificate. >> >> My provider granted Internet access by opening port 443. >> >> >> >> The official SSL-certificate is also stored in the provider’s firewall >> referring to my local server. >> E.g. public URL: https://om5.mydomain.example pointing to local URL >> https://192.168.1.100 >> >> >> >> The first problem (CSRF detection) has been solved by deactivating this >> kind of detection. >> >> Now I can sign from the public URL, but get stuck after successfully >> completed sign in procedure. >> >> >> >> I can see the rolling balls and the Chat section at the bottom of the >> browser, nothing else. >> >> The Catalina log shows >> >> >> >> DEBUG 01-24 10:41:27.883 o.a.o.d.d.u.UserDao:623 [-nio-443-exec-2] - >> login:: 1 users were found >> >> DEBUG 01-24 10:41:28.588 o.a.o.d.u.AuthLevelUtil:40 [-nio-443-exec-2] - >> Level Login :: [GRANTED] >> >> DEBUG 01-24 10:41:28.589 o.a.o.d.d.u.UserDao:640 [-nio-443-exec-2] - >> login user groups [GroupUser [id=1, moderator=false, group=Group [id=1, >> name=mydomain.example, deleted=false], user=User [id=1, >> firstname=firstname, lastname=lastname, login=mylogin, pictureuri=null, >> deleted=false, languageId=1, address=Address [id=1, country=DE, >> street=null, town=null, zip=null, deleted=false, [email protected], >> phone=null], externalId=null, type=user]]] >> >> DEBUG 01-24 10:41:28.595 o.a.o.d.u.AuthLevelUtil:40 [-nio-443-exec-2] - >> Level Admin :: [GRANTED] >> >> DEBUG 01-24 10:41:28.738 o.a.o.w.p.MainPage:64 [nio-443-exec-10] - >> MainPage::delayedLoad >> >> DEBUG 01-24 10:41:28.745 o.a.o.d.u.AuthLevelUtil:40 [nio-443-exec-10] - >> Level Admin :: [GRANTED] >> >> DEBUG 01-24 10:41:28.752 o.a.o.d.u.AuthLevelUtil:40 [nio-443-exec-10] - >> Level Admin :: [GRANTED] >> >> DEBUG 01-24 10:41:28.753 o.a.o.d.u.AuthLevelUtil:40 [nio-443-exec-10] - >> Level Admin :: [GRANTED] >> >> DEBUG 01-24 10:41:29.829 o.a.o.w.p.MainPage:99 [-nio-443-exec-7] - >> MainPage::onParameterArrival >> >> DEBUG 01-24 10:41:29.861 o.a.o.w.p.MainPage:50 [-nio-443-exec-4] - >> MainPage::areaBehavior >> >> DEBUG 01-24 10:41:29.939 o.a.o.w.c.MainPanel:398 [-nio-443-exec-4] - >> updateContents:: npanels IS null ? false, client IS null ? true >> >> DEBUG 01-24 10:42:55.946 o.a.o.s.q.s.ReminderJob:93 [Bean#0_Worker-1] - >> Rss disabled by Admin >> >> >> >> If I login into my local net I can see “WebSocket PINGs” all 30secs even >> if I narrow down my local Linux firewall on the server to port 443. >> >> So, it seems that no additional port is required for websocket in the >> firewall. Maybe I am wrong. >> >> >> >> Any hints appreciated. >> >> Thanks in advance, >> >> Markus >> > > > -- > WBR > Maxim aka solomax > > > -- WBR Maxim aka solomax
