First up, there doesnāt seem to be a Collabora forum (in the usual sense) for discussing issues. I find this odd. Issues can be reported on Github here (also accessible via the Collabora Online - Community Page)
So, Iāve had Collabora 4.x working forever with Nextcloud 18 and 19. Last night, I had a look at the Collabora portal at https://collabora.mydomain.com/loleaflet/dist/admin/admin.html
and thought āThatās nice, but it looks different from what I have previously seen. There must have been a fairly recent update.ā
Checking my update logs for the Collabora Docker container, I note there were four CODE updates since Sept 25. This coincided with the announcement on Sept 24 of CODE 6.4 and a jump from CODE 4.2.7.
The new CODE admin dashboard has the facility to shut down the CODE server.
āThatās newā I thought and then it dawned on me that I wasnāt presented with an authentication prompt to access the admin console. This was set up originally in the docker-compose.yml and worked for CODE 4.x.
version: '3.3'
services:
code:
ports:
- '9980:9980'
container_name: collabora-code
environment:
- domain=cloud\.mydomain\.com
- server_name=collabora\.mydomain\.com
- username=admin
- password=alakazam
- 'extra_params=--o:ssl.enable=false --o:ssl.termination=true'
restart: always
image: collabora/code
Checking the Collabora container log sudo docker logs -f collabora-code
, I see the following errors once the CODE server becomes available:
wsd-00006-00006 2020-10-20 03:40:02.123015 [ loolwsd ] INF WSD initialization complete: setting log-level to [warning] as configured.| wsd/LOOLWSD.cpp:3990
Ready to accept connections on port 9980.
wsd-00006-00043 2020-10-20 03:40:09.420116 [ websrv_poll ] WRN client - server version mismatch, disabling browser cache. Expected: 6ad9d47| wsd/FileServer.cpp:285
wsd-00006-00043 2020-10-20 03:40:09.453557 [ websrv_poll ] ERR FileServerRequestHandler::NotAuthenticated: No authentication information found| wsd/FileServer.cpp:476
It appears to me that the built-in authentication proxy has broken and the admin console has become a security risk.
Observations:
-
After extensive experimentation, I note I can get a login prompt if the password is
secret
, which seems really bizarre to me. If I try setting any other password, I get no login prompt. -
Thereās no facility to log out of the admin console.
EDIT: For the moment, Iāve addressed the issue by placing the admin console behind an authentication proxy that is independent of Collabora.