WebTop screwed up?

NethServer Version: 7.8
Module: WebTop

Well I did the upgrade to 7.8 yesterday without (apparent) problems.
Today an update for a few systems including WebTop came up and now my WebTop interface cannot login.
It either stays in “loading in progress…” screen, or few times I managed to reach the login screen with no actual graphics (broken graphic placeholders) and cannot actually log in.

EDIT: Even cockpit WebTop settings did not work initially! It failed to load index.html.

Any help is appreciated because this is my family mail server and I don’t know what to do.

Can you clean cache and retry?

You mean on the browser? Already did.
I also use ctrl-F5 instead of F5.

Did it again now, again login screen with no graphics loaded (errors) and when I try to login I again get the “loading” forever screen.

Also tried another browser I don’t use (so it doesn’t have any cached data) and same response: Login screen with no graphics (and a “v5.7”) and login fails (no error, just stays there).

I didn’t do a thing, but there is a change. I now get graphics (WebTop logo), but still login doesn’t render properly, goes to the top of the window instead of the center AND still doesn’t actually login.

I am a bit worried now to not lose my mail content, rules etc.
Any help appreciated, I really need this fixed.

Webtop is an interface. The messages are still readable from any imap client, keeps being received and sent (if not via Webtop)
For rules, if I recall it correctly, they should be written into siege mailfilters, which should be independent from being accessed, but not take this as granted, refer to documentation.

Check logs and status of related services (like tomcat8, rh-php72-php-fpm…)

Have you tried to rebooting the server?

Which log in particular?
The webtop settings (where its own logs can be viewed) works intermittently (“might be temporary down” reports my browser) - after a few refreshes I can see it. Weird.

Last entries (which are almost an hour before my last attempts, which is also weird… no new entries?) are these:

2020-05-20 16:26:36 [ERROR] c.s.webtop.core.app.shiro.WTRealm - Authentication error
com.sonicle.security.auth.DirectoryException: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1]
at com.sonicle.security.auth.directory.AbstractLdapDirectory.authenticate(AbstractLdapDirectory.java:118)
at com.sonicle.webtop.core.app.shiro.WTRealm.authenticateUser(WTRealm.java:189)
at com.sonicle.webtop.core.app.shiro.WTRealm.doGetAuthenticationInfo(WTRealm.java:95)
at org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:568)
at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doSingleRealmAuthentication(ModularRealmAuthenticator.java:180)
at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:267)
at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198)
at org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106)
at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:270)
at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256)
at org.apache.shiro.web.filter.authc.AuthenticatingFilter.executeLogin(AuthenticatingFilter.java:53)
at org.apache.shiro.web.filter.authc.FormAuthenticationFilter.onAccessDenied(FormAuthenticationFilter.java:154)
at com.sonicle.webtop.core.app.shiro.WTFormAuthFilter.onAccessDenied(WTFormAuthFilter.java:126)
at org.apache.shiro.web.filter.AccessControlFilter.onAccessDenied(AccessControlFilter.java:133)
at org.apache.shiro.web.filter.AccessControlFilter.onPreHandle(AccessControlFilter.java:162)
at org.apache.shiro.web.filter.PathMatchingFilter.isFilterChainContinued(PathMatchingFilter.java:203)
at org.apache.shiro.web.filter.PathMatchingFilter.preHandle(PathMatchingFilter.java:178)
at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:131)
at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66)
at org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108)
at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137)
at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66)
at org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108)
at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137)
at com.sonicle.webtop.core.app.shiro.filter.GZip.doFilterInternal(GZip.java:60)
at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66)
at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449)
at org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365)
at org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90)
at org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83)
at org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383)
at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362)
at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:543)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
at org.apache.catalina.valves.RemoteIpValve.invoke(RemoteIpValve.java:747)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:609)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:818)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1623)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:748)

As for services, I find all (related or unrelated) running.
Only services not running are: lsm, p3scan (hmm), vsftpd.

I restarted the whole NS a few times (it is a VM) and tomcat8@webtop service by itself.
When I get home I’ll reboot my whole host (an unRAID setver), but I doubt this is related in any way.

FWIW the host reboot should not be necessary to solve the issue. In any case, maybe your host has some update to process/digest… so feel free to do it if necessary :slight_smile:

I can suggest you a blind shot, try:

signal-event nethserver-webtop5-update

I can’t decode the log, maybe @lucag can help here.

1 Like

OK some news. The problem might not be completely WebTop related, although I do still believe there is an issue somewhere that does relate to it.

On my LAN, the web client works ok!
From work, where I discovered the issue, it also worked fine until when I say in OP.
Work and home are in hardware VPN (i.e. routers do it) and everything, including DNS resolution works fine (all other things from my home server work as they used to, I can see my shares, Cockpit, etc.).
Note, FQDN resolves but hostname only, doesn’t (and that was the case always).
IP also works (with the same issue).

So, I don’t know what could be the issue, maybe something changed in NS networking, or whatever.

Again: Issue still stands, not sure it is fully a WebTop issue. Nothing changed except patches. I am 99% sure that even 7.7 to 7.8 didn’t create the issue (I am 99% sure it still worked) and only happened after latest patches.

If you think it’s something related to VPN, see:

No, VPN works fine and doesn’t have such issues (and wasn’t touched and is done by my routers). It is like two subnets on same network. No NAT needed, no ports to forward. Both routers know the other side network (both as IP range and as DNS) and trust it.

I just noticed it doesn’t work after WebTop patch, over the VPN.

I wonder if it is some timeout issue (something that became stricter on WebTop web service?), although there are no speed or latency issues between the two networks (I sometimes transfer few GB of data with simple file copy).
It is really weird.

Hello, if WebTop works find in the LAN, than definetly it’s not a WebTop related problem.
Looks more about some change in apache or firewall that are not correctly delivering webtop files on the VPN.
BTW, don’t worry about mails and rules, they’re safely stored in the imap server.

Gabriele

1 Like

Thanks. I wonder how I can resolve the issue though…
Nothing happened except the post-7.8 updates.

Or maybe the updates solved the flaws that allowed you to connect anyway nevertheless “the presumably incorrect settings that you made”.
Always assumpting, never had a precise idea if there’s effectively something wrong…
Would you try to revise part of your configuration here o start from scratch into a different thread?

OK will try this later.