Has anyone successfully integrated OnlyOffice with WebTop 5?
I haven’t been able to get past a 403 Forbidden error:
HTTP Status 403 – Forbidden
Status Report Message: JWT token not signed correctly
Description: The server understood the request but refuses to authorize it.
Apache Tomcat/8.5.35
I think it may relate to the ‘documentserver.local.url’ entry and, if that is correct, perhaps permissions for document cache/storage.
The one setting I wasn’t sure of was: documentserver.loopback.url - which I assume relates to the onlyoffice ‘callback handler’ I have tried a number of iterations all with the same result. The Document starts to open in view or edit mode and then fails with “Download Failed” and then: https://api.onlyoffice.com/editors/callback
Hi @KdB,
for the documentserver.loopback.url key you must necessarily enter the complete URL with which the OnlyOffice server can reach webtop, for example: https://server.domain.com/webtop/
For the problem you showed, did you check what the logs show in this path ? /var/log/onlyoffice/documentserver/
(for example: /var/log/onlyoffice/documentserver/nginx.error.log)
As soon as I have some time I will do some tests too.
In the meantime, @mrmarkuz could have been helpful as he wrote this HowTo and I think he knows OnlyOffice better than me
I had to improve the onlyoffice secret to make it work because
The signing key’s size is 128 bits which is not secure enough for the HS256 algorithm. The JWT JWA Specification (RFC 7518, Section 3.2) states that keys used with HS256 MUST have a size >= 256 bits (the key size must be greater than or equal to the hash output size). Consider using the io.jsonwebtoken.security.Keys class’s ‘secretKeyFor(SignatureAlgorithm.HS256)’ method to create a key guaranteed to be secure enough for HS256. See RFC 7518 - JSON Web Algorithms (JWA) for more information.
Confirmed. If you use localhost instead of real server name for documentserver.loopback.url then it doesn’t work.
Error: Hostname/IP doesn't match certificate's altnames: "Host: localhost. is not in the cert's altnames: ...
So certificates are checked too.
But I end up with same error while it’s working in Nextcloud. I tested with Onlyoffice Document Server 5.4.0 and 5.4.1:
HTTP Status 403 – Forbidden
Type Status Report
Message JWT token not signed correctly
Description The server understood the request but refuses to authorize it.
This is very strange in that it has started working as expected! After a power cycle it just started working!
I had spent much time on this working on getting the callback right. With all the correct settings in WebTop config still seeing this error in the onlyoffice/nginx error log - which was based on the SSL Cert and it trying to use “http://127.0.0.1” - I had run ‘supervisorctl restart all’ after any changes and did reboot a couple of times:
I didn’t change nginx settings at all so am still confused as to why it started working all of a sudden!! I’ll go back to start again (I have a snapshot) and will document for HowTos - assuming it works correctly this time.
@mrmarkuz : It isn’t a separate server install, it is your module and as per your instructions - thanks again. Yes, I did need to increase the password key to get started, that was the first obvious point in making it work from webtop.
I can confirm that @mrmarkuzonlyoffice module works well with webtop5 - opening/editing both NextCloud or WebTop/Documents.
@lucag would it be easy/possible to map the /com.sonicle.webtop.vfs/mydocuments/user/ folder to the user’s home folder? (ie /var/lib/nethserver/home/user/ )
I did attempt to add the home folder as a local resource but having permission issues there so still playing with that.
I do map the home folder to users’ PCs. Being able to access those folders through webtop remotely would be very handy.
Hi @KdB,
currently there is no possibility to synchronize the WebTop cloud files with a client (as it can be done for Nextcloud) it is an unexpected thing.