Blank screen after admin login to webtop5

NethServer Version: 7.4.1708
Module: webtop
Hi all,
I start a new topic on this, although there are similar topics. They did not help me…
When I try to logon to webtop5 using admin/admin, I only see a blanc screen.
When looking in /var/log/webtop/webtop.log this error is shown:

2017-11-05 16:13:15 [ERROR] c.s.webtop.core.app.ServiceManager - PrivateService: initialize() throws errors [java.lang.ClassCastException: com.sonicle.webtop.core.CoreManager cannot be cast to com.sonicle.webtop.core.admin.CoreAdminManager]
2017-11-05 16:13:15 [ERROR] c.sonicle.webtop.core.servlet.Start - Error
com.sonicle.webtop.core.sdk.WTRuntimeException: Cannot add private service twice
at com.sonicle.webtop.core.app.WebTopSession.cachePrivateService(WebTopSession.java:562)
at com.sonicle.webtop.core.app.WebTopSession.internalInitPrivateEnvironment(WebTopSession.java:402)
at com.sonicle.webtop.core.app.WebTopSession.initPrivateEnvironment(WebTopSession.java:318)
at com.sonicle.webtop.core.servlet.Start.processRequest(Start.java:89)
at com.sonicle.webtop.core.app.AbstractServlet.doGet(AbstractServlet.java:71)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:624)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:61)
at org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108)
at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137)
at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66)
at org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108)
at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137)
at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66)
at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449)
at org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365)
at org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90)
at org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83)
at org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383)
at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362)
at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:218)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:110)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:506)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:962)
at org.apache.catalina.valves.RemoteIpValve.invoke(RemoteIpValve.java:683)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:445)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1087)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:637)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:316)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:748)

Although the password is correct (admin/admin, tested by login on with admin/jhfgjhfgdjkfg, which resulted in a authentication failure) I followed instructions in another thread to edit the postgresql database, resetting the credentials of the admin user.

UPDATE “core”.“local_vault” SET password_type=‘PLAIN’, password=‘admin’ WHERE user_id=‘admin’;

It did not help.
Some other poster was helped by reinstalling NS7, but I’m not willing to do that.
De-installing webtop5 & re-installing it, will delete my calender & addressbook I guess, but that’s fine with me (I’m currently the only webtop-user on the system).
Does anyone has a clue of what’s wrong? And after that, what the solution will be?

TIA,
rolf

Hi @rolf,

The “solution” was backup/restore procedure, but may be still enough work.

Did you try it?

I remember there was a tomcat update recently, did you update?

You seem to have this problem since Aug 18…we have to solve it

Hi Markus,
thx for your reply.
My NS7 is up to date. Tomcat on the box:

root@helium:z-push> $ rpm -qa|grep tomcat
tomcat-servlet-3.0-api-7.0.76-3.el7_4.noarch
tomcat-jsp-2.2-api-7.0.76-3.el7_4.noarch
tomcat-lib-7.0.76-3.el7_4.noarch
tomcat-el-2.2-api-7.0.76-3.el7_4.noarch
tomcat-7.0.76-3.el7_4.noarch

No, I did not yet remove & reinstall, hoping someone came up with a solution without loosing my calender etc.
Is remove & reinstall the first thing to do?
I’ve posted about it before, but it is occuring much longer. I hope you can help me.

I thought it’s no problem for you because you wrote that you are the only webtop user. Remove and reinstall is a fast to try step that may solve a problem, so after resetting password it is one of the next steps in that case IMO.

You could setup a VM and restore a backup of the bad webtop machine. If it works, your calendars are safe, you know that you have a working backup and you have at least the restore option as solution. Then you can try to reinstall and drop databases etc without fear of loosing anything.

before I de-install: what are the global settings that can be changed by admin?
Because that was why I tried to login as admin in the first place.
When I don’t have the need to change anything, I don’t need to lose my content…

You can change domain settings and global user and group settings like nextcloud or chat integration. If you just use Webtop as it is, you won’t need the admin login I think.

grafik.png937×639 34.6 KB

hmmm. I guess I’ll stick to the defaults then…
And try to live with the annoyance of not being able to login as admin…

You don’t have to loose your content, please have a look at the following thread.

Webtop mail location

The SQL-Dump includes the calendar and the addressbook.

thx for this tip, @m.traeumner. So, to sum it up. Advice is to:

• make a db backup using signal-event nethserver-pre-backup-data
• remove webtop5 via the admin-GUI
• (check if db is completely removed)
• reinstall webtop5 using the admin-GUI
• restore db > using what command?

I’ll see if I have time for this tonight, otherwise it will be later this week. I’ll report back.

Hi Rolf,
I think you can restore only the dumpfile with commandline. To restore a single file have a look at the documentation:

Backup — NethServer 7 Final

For restoring the database from dumpfile have a look here:

How to Back Up and Restore a MySQL Database – WebCheatSheet

Before doing the restore, could you please see if is there something relevant inside Tomcat logs:
``
journalctl -u tomcat@webtop

Is this a new installation or an updated one?

@webtop_team what can we inspect?

strangely (?) the log doesn’t give any output when trying to logon as admin (19:40 local time):

Nov 05 17:06:04 helium.rolfbakker.nl server[12068]: Nov 05, 2017 5:06:04 PM org.jivesoftware.smackx.ping.PingManager pingServerIfNecessary
Nov 05 17:06:04 helium.rolfbakker.nl server[12068]: WARNING: XMPPConnection was not authenticated
Nov 05 17:10:02 helium.rolfbakker.nl sudo[10537]: tomcat : TTY=unknown ; PWD=/usr/share/tomcat ; USER=root ; COMMAND=/usr/share/webtop/z-push/z-push-admin.php -a l
Nov 05 17:14:50 helium.rolfbakker.nl server[12068]: Nov 05, 2017 5:14:50 PM org.jivesoftware.smackx.ping.PingManager pingServerIfNecessary
Nov 05 17:14:50 helium.rolfbakker.nl server[12068]: WARNING: XMPPConnection was not authenticated
Nov 05 17:40:47 helium.rolfbakker.nl server[12068]: Nov 05, 2017 5:40:47 PM org.jivesoftware.smackx.ping.PingManager pingServerIfNecessary
Nov 05 17:40:47 helium.rolfbakker.nl server[12068]: WARNING: XMPPConnection was not authenticated
Nov 05 18:02:54 helium.rolfbakker.nl sudo[14000]: tomcat : TTY=unknown ; PWD=/usr/share/tomcat ; USER=root ; COMMAND=/usr/share/webtop/z-push/z-push-admin.php -a l
Nov 05 18:32:05 helium.rolfbakker.nl server[12068]: Nov 05, 2017 6:32:05 PM org.jivesoftware.smackx.ping.PingManager pingServerIfNecessary
Nov 05 18:32:05 helium.rolfbakker.nl server[12068]: WARNING: XMPPConnection was not authenticated
Nov 05 18:32:25 helium.rolfbakker.nl server[12068]: Nov 05, 2017 6:32:25 PM org.jivesoftware.smackx.ping.PingManager pingServerIfNecessary
Nov 05 18:32:25 helium.rolfbakker.nl server[12068]: WARNING: XMPPConnection was not authenticated
Nov 05 18:35:35 helium.rolfbakker.nl server[12068]: Nov 05, 2017 6:35:35 PM org.jivesoftware.smackx.ping.PingManager pingServerIfNecessary
Nov 05 18:35:35 helium.rolfbakker.nl server[12068]: WARNING: XMPPConnection was not authenticated
Nov 05 18:38:24 helium.rolfbakker.nl sudo[17040]: tomcat : TTY=unknown ; PWD=/usr/share/tomcat ; USER=root ; COMMAND=/usr/share/webtop/z-push/z-push-admin.php -a l
Nov 05 18:38:29 helium.rolfbakker.nl sudo[17047]: tomcat : TTY=unknown ; PWD=/usr/share/tomcat ; USER=root ; COMMAND=/usr/share/webtop/z-push/z-push-admin.php -a l
Nov 05 18:38:29 helium.rolfbakker.nl server[12068]: Nov 05, 2017 6:38:29 PM org.jivesoftware.smackx.ping.PingManager pingServerIfNecessary
Nov 05 18:38:29 helium.rolfbakker.nl server[12068]: WARNING: XMPPConnection was not authenticated
Nov 05 18:53:36 helium.rolfbakker.nl sudo[19195]: tomcat : TTY=unknown ; PWD=/usr/share/tomcat ; USER=root ; COMMAND=/usr/share/webtop/z-push/z-push-admin.php -a l
Nov 05 18:53:40 helium.rolfbakker.nl sudo[19218]: tomcat : TTY=unknown ; PWD=/usr/share/tomcat ; USER=root ; COMMAND=/usr/share/webtop/z-push/z-push-admin.php -a l
Nov 05 18:53:53 helium.rolfbakker.nl sudo[19242]: tomcat : TTY=unknown ; PWD=/usr/share/tomcat ; USER=root ; COMMAND=/usr/share/webtop/z-push/z-push-admin.php -a l
Nov 05 18:54:34 helium.rolfbakker.nl sudo[19285]: tomcat : TTY=unknown ; PWD=/usr/share/tomcat ; USER=root ; COMMAND=/usr/share/webtop/z-push/z-push-admin.php -a l
Nov 05 18:54:38 helium.rolfbakker.nl sudo[19297]: tomcat : TTY=unknown ; PWD=/usr/share/tomcat ; USER=root ; COMMAND=/usr/share/webtop/z-push/z-push-admin.php -a l
Nov 05 19:08:10 helium.rolfbakker.nl server[12068]: Nov 05, 2017 7:08:10 PM org.jivesoftware.smackx.ping.PingManager pingServerIfNecessary
Nov 05 19:08:10 helium.rolfbakker.nl server[12068]: WARNING: XMPPConnection was not authenticated
Nov 05 21:50:45 helium.rolfbakker.nl sudo[30855]: tomcat : TTY=unknown ; PWD=/usr/share/tomcat ; USER=root ; COMMAND=/usr/share/webtop/z-push/z-push-admin.php -a l
Nov 05 21:50:49 helium.rolfbakker.nl sudo[30862]: tomcat : TTY=unknown ; PWD=/usr/share/tomcat ; USER=root ; COMMAND=/usr/share/webtop/z-push/z-push-admin.php -a l
Nov 05 21:50:59 helium.rolfbakker.nl sudo[30883]: tomcat : TTY=unknown ; PWD=/usr/share/tomcat ; USER=root ; COMMAND=/usr/share/webtop/z-push/z-push-admin.php -a l
Nov 05 22:19:15 helium.rolfbakker.nl server[12068]: Nov 05, 2017 10:19:15 PM org.jivesoftware.smackx.ping.PingManager pingServerIfNecessary
Nov 05 22:19:15 helium.rolfbakker.nl server[12068]: WARNING: XMPPConnection was not authenticated
Nov 06 08:13:05 helium.rolfbakker.nl server[12068]: Nov 06, 2017 8:13:05 AM org.jivesoftware.smackx.ping.PingManager pingServerIfNecessary
Nov 06 08:13:05 helium.rolfbakker.nl server[12068]: WARNING: XMPPConnection was not authenticated
Nov 06 13:10:49 helium.rolfbakker.nl sudo[22204]: tomcat : TTY=unknown ; PWD=/usr/share/tomcat ; USER=root ; COMMAND=/usr/share/webtop/z-push/z-push-admin.php -a l
Nov 06 13:10:52 helium.rolfbakker.nl sudo[22211]: tomcat : TTY=unknown ; PWD=/usr/share/tomcat ; USER=root ; COMMAND=/usr/share/webtop/z-push/z-push-admin.php -a l
Nov 06 13:11:04 helium.rolfbakker.nl sudo[22244]: tomcat : TTY=unknown ; PWD=/usr/share/tomcat ; USER=root ; COMMAND=/usr/share/webtop/z-push/z-push-admin.php -a l
Nov 06 14:51:41 helium.rolfbakker.nl server[12068]: Nov 06, 2017 2:51:41 PM org.jivesoftware.smackx.ping.PingManager pingServerIfNecessary
Nov 06 14:51:41 helium.rolfbakker.nl server[12068]: WARNING: XMPPConnection was not authenticated

It’s an updated server, no fresh install.

root@helium:logs> $ rpm -qa|egrep -i ‘webtop|tomcat’
nethserver-webtop5-1.1.5-1.ns7.noarch
tomcat-servlet-3.0-api-7.0.76-3.el7_4.noarch
webtop5-zpush-1.1.1-1.ns7.noarch
webtop5-libs-1.1.4-1.ns7.noarch
webtop5-core-1.1.5-1.1.g015fc4a.ns7.noarch
tomcat-jsp-2.2-api-7.0.76-3.el7_4.noarch
tomcat-lib-7.0.76-3.el7_4.noarch
tomcat-el-2.2-api-7.0.76-3.el7_4.noarch
tomcat-7.0.76-3.el7_4.noarch

any more info needed?

Sorry for the delay, I don’t have any idea

Did you solve? If not, please feel free to ping again the webtop team group.

Nope, did not solve. No idea. Luckily it isn’t blocking. Just annoying…

OK, after receiving a mail announcing a new webtop release, I bump this topic. Please @webtop_team have a look again.
In the documentation, a fix is mentioned for the blank screen. Execute a sql-statement to update your webtop db.
When I understand the script right, I’m supposed to edit the table core.users_info in such a way that the admin user gets a e-mailaddress @mydomain.tld
When listing the content of that table, the admin users has admin@localhost. So, the problem to be fixed appears to be there.
However, the UPDATE statement doesn’t return any result. I guess because the SELECT is looking for ‘admin’ with domain_id “Nethserver” and on my machine it is “*”.
My core.users_info table look like:

webtop5=# SELECT domain_id, user_id, email FROM core.users_info ;
domain_id | user_id | email
------------±--------±---------------------
NethServer | test | test@mydomain.nl
'* | admin | admin@localhost
NethServer | joris | joris@mydomain.nl
NethServer | rolf | rolf@mydomain.nl
NethServer | judith | judith@mydomain.nl
(5 rows)

<EDIT: made a smaller selection of above table for better readability. quote before * in the admin-line is because the website interpreted the * as a bullet>

Can I edit the sql-script, leave out the “users_info.domain_id = ‘NethServer’” part? Or should I update the domain_id also?
Please advice, keeping in mind that I’m no sql-hero; I feel comfortable enough to play around with SELECT, but I’m a bit nervous when it comes to UPDATE…

thanks!

Hi @rolf,

In this table there should be two different user_id = ‘admin’.
The one with domain_id = ‘*’ which has an email value for defualt = ‘admin @ localhost’ is related to the WebTop admin with which to access the administrative panel, while the domain_id = ‘NethServer’ and email = ’ admin@domain.tld 'is the admin user taken from the system user base.

It’s correct, you do not have to change the update statement.
Your table is missing the system admin user you need to create on the server-manager in users and groups.

The line with user_id = ‘admin’ and ‘domain_id =’ * 'should be left unchanged otherwise you will have difficulty accessing the WebTop admin panel.

What is reported in the manual here refers to any problems of login with the system admin user (admin@domain.tld) in the case in which this user_id results with the empty email field

I hope I managed to clarify the situation of the two admin

Hi Luca,
thanks for clarifying.
When I look at the admin-panel, section users and groups, I see (apart from myself and my family):

• Administrator, administrator@mydomain.tld, member of domain admins@mydomain.tld
• admin, admin@mydomain.tld, no memberships on that view.
  So, the it appears the different admin-users are there, but they’re not updated (or later removed) to the webtop db.

Can you please advice?Should I add the admin@mydomain.tld manually to the webtop db? Or anything else to do?

It’s quite strange, thus if admin WebTop user works, it’s the only one you usually need.
You should not change the db directly, but you could try to resync using:

signal-event nethserver-webtop5-update

thanks.
When applying the signal-event command, nothing changes in the db-table; still the same as my listing in post 15 (5 rows, one admin with a localhost mailaddress.)
So, that didn’t help me.
How can I check if the admin & administrator are OK in the accountsprovider AD in the first place?
When looking in the system-panel, they are both present. But I can’t see many details.
‘admin’ is there, member of no groups (is that correct?)
‘administrator’ is there,mmber of domain admins group.
anything else to check?

I don’t know much more on WebTop. Please someone from the @webtop_team can give an hand?