View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0005658SOGoWeb Generalpublic2022-12-10 00:332023-01-03 09:20
Reportermodir Assigned Tosebastien  
PriorityhighSeveritymajorReproducibilityalways
Status closedResolutionno change required 
Platform[Server] LinuxOSRHEL/CentOSOS Version7
Product Version5.8.0 
Summary0005658: 403 on /SOGo/so/passwordRecoveryEnabled
Description

I updated from 5.6 to 5.8 and now the users can not login anymore over the web interface. In the sogo.log I see always this message at the time of login:

Dec 10 01:09:15 sogod [3157]: "POST /SOGo/so/passwordRecoveryEnabled HTTP/1.0" 403 0/50 0.001 - - 0 - 14

And in the webmaster tools of the browser I see that the 403 can not be handled.

How can I solve this issue?

TagsNo tags attached.

Activities

sebastien

sebastien

2022-12-12 07:50

administrator   ~0016478

Hi this behavior is normal.

This request check of the password recovery feature is enabled for a user. 403 means it's not enabled (forbidden).

Sebastien
modir

modir

2022-12-12 10:01

reporter   ~0016480

But in the frontend I get this error message:

Unhandled error response

So if the 403 is the correct response then the bug is in the frontend.
sebastien

sebastien

2022-12-12 12:57

administrator   ~0016482

Please post sogo logs. It should not be related to this 403.
modir

modir

2022-12-12 15:13

reporter   ~0016483

Those are the three log entries from this time:

Dec 12 16:11:46 sogod [3158]: SOGoRootPage successful login from '1.1.1.1' for user 'XXXXX@XXXXXX.com' - expire = -1 grace = -1
Dec 12 16:11:46 sogod [3158]: 1.1.1.1 "POST /SOGo/connect HTTP/1.0" 200 48/90 0.016 - - 0 - 15
Dec 12 16:11:47 sogod [3158]: 1.1.1.1 "POST /SOGo/so/passwordRecoveryEnabled HTTP/1.0" 403 0/50 0.001 - - 0 - 15
sebastien

sebastien

2022-12-12 16:45

administrator   ~0016488

I don't understand your issue.
You said "now the users can not login anymore over the web interface" however in your logs the /connect endpoint returns a 200 so the user shall be connected.
The 403 error in your browser dev tools is normal.

What is the problem exactly ? What is the browser ? Did you reproduced on demo.sogo.nu ?
modir

modir

2022-12-12 16:54

reporter   ~0016489

We have it with all types of browsers and operating systems. You see in the attached screenshot what all users get after entering username and password. The problem does not exist on your demo website.

Screenshot from 2022-12-12 17-52-23.png (13,081 bytes)   
Screenshot from 2022-12-12 17-52-23.png (13,081 bytes)   
sebastien

sebastien

2022-12-12 17:13

administrator   ~0016490

Ok I see it must be related to a slow network and timing issue. I'll take a look on that
modir

modir

2022-12-12 17:26

reporter   ~0016491

I digged now deeper and found the problem. In-between SOGo and the browser is an nginx. nginx got from SOGo all correct with a 200 status code but send then to the client a 502 status code because of this error:

[error] 1706#1706: *21865 upstream sent too big header while reading response header from upstream, client: 1.1.1.1, server: _, request: "POST /SOGo/connect HTTP/1.1", upstream: "http://127.0.0.1:20000/SOGo/connect"

After implementing the parameters mentioned here it works again:
https://www.cyberciti.biz/faq/nginx-upstream-sent-too-big-header-while-reading-response-header-from-upstream/

I didn't find anything in the sogo documentation about nginx. Maybe it would be good to add a small section about this specific problem. Else you can close the issue.
sebastien

sebastien

2022-12-12 17:37

administrator   ~0016492

Hi thanks for updating.
If anybody got time to update documentation in https://github.com/Alinto/sogo/blob/master/Documentation/SOGoInstallationGuide.asciidoc, add nginx configuration part and do a pull request ;)

Sebastien
zhb

zhb

2022-12-14 04:06

reporter   ~0016498

If you're running iRedMail-1.5.1 or earlier versions, you can follow this tutorial to fix the issue by updating Nginx config file:
https://docs.iredmail.org/upgrade.iredmail.1.5.1-1.5.2.html#nginx-increase-proxy-buffer-size-so-that-user-can-login-to-sogo-webmail
modir

modir

2022-12-14 17:33

reporter   ~0016503

You can close this issue. Once I have an answer for https://bugs.sogo.nu/view.php?id=5661 I will update the documentation and do a pull request as you ask for.
sebastien

sebastien

2023-01-03 09:20

administrator   ~0016519

Thanks @modir !

Issue History

Date Modified Username Field Change
2022-12-10 00:33 modir New Issue
2022-12-12 07:50 sebastien Note Added: 0016478
2022-12-12 07:50 sebastien Assigned To => sebastien
2022-12-12 07:50 sebastien Status new => closed
2022-12-12 07:50 sebastien Resolution open => no change required
2022-12-12 10:01 modir Status closed => feedback
2022-12-12 10:01 modir Resolution no change required => reopened
2022-12-12 10:01 modir Note Added: 0016480
2022-12-12 12:57 sebastien Note Added: 0016482
2022-12-12 15:13 modir Note Added: 0016483
2022-12-12 15:13 modir Status feedback => assigned
2022-12-12 16:45 sebastien Note Added: 0016488
2022-12-12 16:54 modir Note Added: 0016489
2022-12-12 16:54 modir File Added: Screenshot from 2022-12-12 17-52-23.png
2022-12-12 17:13 sebastien Note Added: 0016490
2022-12-12 17:26 modir Note Added: 0016491
2022-12-12 17:37 sebastien Note Added: 0016492
2022-12-14 04:06 zhb Note Added: 0016498
2022-12-14 17:19 sebastien Status assigned => feedback
2022-12-14 17:33 modir Note Added: 0016503
2022-12-14 17:33 modir Status feedback => assigned
2023-01-03 09:20 sebastien Note Added: 0016519
2023-01-03 09:20 sebastien Status assigned => resolved
2023-01-03 09:20 sebastien Resolution reopened => no change required
2023-01-03 09:20 sebastien Status resolved => closed