Hello.
I’ve got strange problem. I’ve seen it on Nextcloud 21.0.4, so i upgraded to 22.1.1.2 but it didn’t help.
I can login correctly using HTTPS. My Nextcloud Windows client, and Android client are logged in correctly and working fine.
But when i try to login without SSL (using HTTP://) Then it always come back to login page. Just like i would refresh login page. Same time https:// is working correctly.
Nextcloud version (eg, 20.0.5): 22.1.1 - 22.1.1.2
Operating system and version (eg, Ubuntu 20.04): Linux 4.18.0-305.19.1.el8_4.x86_64 #1 SMP Tue Sep 7 07:07:31 EDT 2021 x86_64 - RHEL8
Apache or nginx version (eg, Apache 2.4.25): nginx/1.14.1 (fpm-fcgi)
PHP version (eg, 7.4): 7.4.24
Modules loaded: Core, date, libxml, openssl, pcre, zlib, filter, hash, Reflection, SPL, session, standard, cgi-fcgi, bcmath, bz2, calendar, ctype, curl, dom, mbstring, fileinfo, ftp, gd, gettext, gmp, iconv, imap, intl, json, exif, mysqlnd, PDO, Phar, posix, shmop, SimpleXML, sockets, sodium, sqlite3, sysvmsg, sysvsem, sysvshm, tokenizer, xml, xmlwriter, xsl, mcrypt, mysqli, pdo_mysql, pdo_sqlite, recode, xmlreader, xmlrpc, zip, apcu, geos, igbinary, imagick, lzf, msgpack, phpiredis, smbclient, zstd, mysql, redis, libsmbclient, Zend OPcache
Is this the first time you’ve seen this error? (Y/N): Y
Steps to replicate it:
- Load main login page using HTTP (without SSL, on port 80).
- Enter correct login details.
- After click on Login button Login page is loaded again and again.
The output of your Nextcloud log in Admin > Logging:
{"reqId":"ZP7H0eHsFkD6bLogfNne","level":0,"time":"2021-09-28T22:18:09+00:00","remoteAddr":"192.168.50.1","user":"--","app":"files_sharing","method":"GET","url":"/","message":"/appinfo/app.php is deprecated, use \\OCP\\AppFramework\\Bootstrap\\IBootstrap on the application class instead.","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko/20100101 Firefox/92.0","version":"22.1.1.2"}
{"reqId":"7KVDqaLvBM3rKe2UjaBU","level":0,"time":"2021-09-28T22:18:09+00:00","remoteAddr":"192.168.50.1","user":"--","app":"files_sharing","method":"GET","url":"/login","message":"/appinfo/app.php is deprecated, use \\OCP\\AppFramework\\Bootstrap\\IBootstrap on the application class instead.","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko/20100101 Firefox/92.0","version":"22.1.1.2"}
{"reqId":"fWQTDHkA940qTQRpHaRe","level":0,"time":"2021-09-28T22:18:12+00:00","remoteAddr":"192.168.50.1","user":"--","app":"files_sharing","method":"POST","url":"/login","message":"/appinfo/app.php is deprecated, use \\OCP\\AppFramework\\Bootstrap\\IBootstrap on the application class instead.","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko/20100101 Firefox/92.0","version":"22.1.1.2"}
{"reqId":"0OwCYPqjZd8Lv9D7tO2A","level":0,"time":"2021-09-28T22:18:12+00:00","remoteAddr":"192.168.50.1","user":"--","app":"files_sharing","method":"GET","url":"/apps/dashboard/","message":"/appinfo/app.php is deprecated, use \\OCP\\AppFramework\\Bootstrap\\IBootstrap on the application class instead.","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko/20100101 Firefox/92.0","version":"22.1.1.2"}
{"reqId":"0OwCYPqjZd8Lv9D7tO2A","level":0,"time":"2021-09-28T22:18:12+00:00","remoteAddr":"192.168.50.1","user":"--","app":"no app in context","method":"GET","url":"/apps/dashboard/","message":"Current user is not logged in","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko/20100101 Firefox/92.0","version":"22.1.1.2","exception":{"Exception":"OC\\AppFramework\\Middleware\\Security\\Exceptions\\NotLoggedInException","Message":"Current user is not logged in","Code":401,"Trace":[{"file":"/var/www/nextcloud/lib/private/AppFramework/Middleware/MiddlewareDispatcher.php","line":97,"function":"beforeController","class":"OC\\AppFramework\\Middleware\\Security\\SecurityMiddleware","type":"->"},{"file":"/var/www/nextcloud/lib/private/AppFramework/Http/Dispatcher.php","line":118,"function":"beforeController","class":"OC\\AppFramework\\Middleware\\MiddlewareDispatcher","type":"->"},{"file":"/var/www/nextcloud/lib/private/AppFramework/App.php","line":156,"function":"dispatch","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->"},{"file":"/var/www/nextcloud/lib/private/Route/Router.php","line":301,"function":"main","class":"OC\\AppFramework\\App","type":"::"},{"file":"/var/www/nextcloud/lib/base.php","line":1000,"function":"match","class":"OC\\Route\\Router","type":"->"},{"file":"/var/www/nextcloud/index.php","line":36,"function":"handleRequest","class":"OC","type":"::"}],"File":"/var/www/nextcloud/lib/private/AppFramework/Middleware/Security/SecurityMiddleware.php","Line":141,"CustomMessage":"Current user is not logged in"}}
{"reqId":"rcDcazSRWMvFUz8DwsCX","level":0,"time":"2021-09-28T22:18:13+00:00","remoteAddr":"192.168.50.1","user":"--","app":"files_sharing","method":"GET","url":"/login?redirect_url=/apps/dashboard/","message":"/appinfo/app.php is deprecated, use \\OCP\\AppFramework\\Bootstrap\\IBootstrap on the application class instead.","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko/20100101 Firefox/92.0","version":"22.1.1.2"}
The output of your config.php file in /path/to/nextcloud
(make sure you remove any identifiable information!):
{
"blacklisted_files": [],
"instanceid": "***REMOVED SENSITIVE VALUE***",
"passwordsalt": "***REMOVED SENSITIVE VALUE***",
"secret": "***REMOVED SENSITIVE VALUE***",
"trusted_domains": [
"localhost",
"127.0.0.1",
"***REMOVED SENSITIVE VALUE***",
"***REMOVED SENSITIVE VALUE***",
"***REMOVED SENSITIVE VALUE***"
],
"enable_previews": true,
"enabledPreviewProviders": [
"OC\\Preview\\TXT",
"OC\\Preview\\MarkDown",
"OC\\Preview\\PDF",
"OC\\Preview\\Image",
"OC\\Preview\\Photoshop",
"OC\\Preview\\TIFF",
"OC\\Preview\\SVG",
"OC\\Preview\\Font",
"OC\\Preview\\MP3",
"OC\\Preview\\Movie",
"OC\\Preview\\MKV",
"OC\\Preview\\MP4",
"OC\\Preview\\AVI"
],
"datadirectory": "***REMOVED SENSITIVE VALUE***",
"dbtype": "mysql",
"version": "22.1.1.2",
"overwrite.cli.url": "http:\/\/mynas.url.addrs",
"dbname": "***REMOVED SENSITIVE VALUE***",
"dbhost": "***REMOVED SENSITIVE VALUE***",
"dbport": "",
"dbtableprefix": "xf_",
"mysql.utf8mb4": true,
"dbuser": "***REMOVED SENSITIVE VALUE***",
"dbpassword": "***REMOVED SENSITIVE VALUE***",
"installed": true,
"default_language": "pl",
"default_locale": "pl",
"simpleSignUpLink.shown": false,
"memcache.local": "\\OC\\Memcache\\APCu",
"skeletondirectory": "core\/my-default",
"maintenance": false,
"app_install_overwrite": [
"bruteforcesettings",
"dicomviewer",
"files_photospheres"
],
"mail_smtpmode": "smtp",
"mail_smtpsecure": "tls",
"mail_sendmailmode": "smtp",
"mail_domain": "***REMOVED SENSITIVE VALUE***",
"mail_smtpauthtype": "LOGIN",
"mail_smtpauth": 1,
"mail_smtphost": "***REMOVED SENSITIVE VALUE***",
"mail_smtpport": "25",
"mail_from_address": "***REMOVED SENSITIVE VALUE***",
"mail_smtpname": "***REMOVED SENSITIVE VALUE***",
"mail_smtppassword": "***REMOVED SENSITIVE VALUE***",
"default_phone_region": "PL",
"theme": "",
"loglevel": 0,
"updater.release.channel": "stable"
}
The output of your Apache/nginx/system log in /var/log/____
:
nginx access.log:
192.168.50.1 - - [29/Sep/2021:00:18:09 +0200] "GET / HTTP/1.1" 302 5 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko/20100101 Firefox/92.0" "-"
192.168.50.1 - - [29/Sep/2021:00:18:09 +0200] "GET /login HTTP/1.1" 200 6540 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko/20100101 Firefox/92.0" "-"
192.168.50.1 - - [29/Sep/2021:00:18:12 +0200] "POST /login HTTP/1.1" 303 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko/20100101 Firefox/92.0" "-"
192.168.50.1 - - [29/Sep/2021:00:18:12 +0200] "GET /apps/dashboard/ HTTP/1.1" 303 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko/20100101 Firefox/92.0" "-"
192.168.50.1 - - [29/Sep/2021:00:18:13 +0200] "GET /login?redirect_url=/apps/dashboard/ HTTP/1.1" 200 6563 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko/20100101 Firefox/92.0" "-"
nginx error.log:
this file is empty
php-fpm error.log:
[29-Sep-2021 00:18:00] NOTICE: fpm is running, pid 136342
[29-Sep-2021 00:18:00] NOTICE: ready to handle connections
[29-Sep-2021 00:18:00] NOTICE: systemd monitor interval set to 10000ms
Encryption is disabled and not used.
EDIT1:
I’ve installed Nextcloud 22.1.1.2 on creal VM with similar config to what i use and logging in over http is working fine, until the moment when i login thru httpS. Even if i do that with 1 user, all other users (created using http earlier) can’t login using http anymore (they must use httpS). I will try to investigate that more.
Removing PHP session files and restarting php-fpm and nginx service didn’t help.