Hi!
Nextcloud version: 29.0.3 (for now, the problem starts two month ago at 28 version)
Operating system and version: FreeBSD 14.1
Apache version: 2.4.62
PHP version: 8.2
Additional info: jail, php-fpm, postgresql 15.7, openldap 2.6, redis, memcached, haproxy. Hardware have enough of free RAM, CPU time and HDD space.
The issue you are facing:
After upgrade to FreeBSD 14.1 from 13.2 I have a problem with openldap users(there only my and test users) login and sessions. Before upgrading OS, all packages was updated to the same version as after and I has not any troubles with Nextcloud. I asked about this problem in FreeBSD community, but they say, that an OS version can’t be a reason of my problem.
Happening the next:
When I try to login with ldap user credentials in ~50% cases I have error “Wrong username or password”. In other cases, when I successfully login, my session ends after ~20 minutes and server propose to login again, but when I try to login at once I have login error like in the first case.
Root user always login successfully and don’t have any problem. In openldap logs I don’t saw any errors or warnings.
I tried to create new ldap user and test behaviour with new credentials, but saw the same problem.
At ldap integration page all checks passes successfully.
Is this the first time you’ve seen this error?: Y
Steps to replicate it:
I have only one Nextcloud installation for now and don’t tried to recreate all from the beginning yet.
The output of your Nextcloud log in Admin > Logging:
https://pastebin.com/3EN7Ftnw
The output of your config.php file in /path/to/nextcloud:
<?php
$CONFIG = array (
'apps_paths' =>
array (
0 =>
array (
'path' => '/usr/local/www/nextcloud/apps',
'url' => '/apps',
'writable' => true,
),
1 =>
array (
'path' => '/usr/local/www/nextcloud/apps-pkg',
'url' => '/apps-pkg',
'writable' => false,
),
),
'logfile' => '/var/log/nextcloud/nextcloud.log',
'instanceid' => '111111111',
'passwordsalt' => '2222222222222222222222222',
'secret' => '3333333333333333333333333333333333333333333',
'trusted_domains' =>
array (
0 => 'my.domain.name',
),
'datadirectory' => '/var/db/nextcloud/data',
'dbtype' => 'pgsql',
'version' => '29.0.3.4',
'overwrite.cli.url' => 'https://my.domain.name/',
'overwriteprotocol' => 'https',
'htaccess.RewriteBase' => '/',
'dbname' => 'dbname',
'dbhost' => '2.2.2.2:5432',
'dbport' => '',
'dbtableprefix' => 'prefix_',
'dbuser' => 'dbuser',
'dbpassword' => 'dbpassword',
'memcache.local' => '\\OC\\Memcache\\APCu',
'memcache.distributed' => '\\OC\\Memcache\\Memcached',
'memcached_servers' =>
array (
0 =>
array (
0 => '127.0.0.1',
1 => 11211,
),
),
'filelocking.enable' => true,
'memcache.locking' => '\\OC\\Memcache\\Redis',
'redis' =>
array (
'host' => '/var/run/redis/redis.sock',
'port' => 0,
'dbindex' => 0,
'password' => '',
'timeout' => 0.0,
),
'installed' => true,
'maintenance' => false,
'theme' => '',
'loglevel' => 1,
'app_install_overwrite' =>
array (
0 => 'spreedme',
1 => 'spreed',
2 => 'maps',
3 => 'bruteforcesettings',
4 => 'transmission',
5 => 'files_antivirus',
),
'ldapProviderFactory' => 'OCA\\User_LDAP\\LDAPProviderFactory',
'default_phone_region' => 'RU',
'maintenance_window_start' => 1,
'trusted_proxies' =>
array (
0 => '3.3.3.3',
),
);
The output of your Apache/nginx/system log in /var/log/____:
3.3.3.3 - - [06/Aug/2024:02:17:02 +0300] "GET /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/1.1" 304 -
3.3.3.3 - - [06/Aug/2024:02:17:07 +0300] "POST /apps/text/session/7649/push HTTP/1.1" 200 22
3.3.3.3 - - [06/Aug/2024:02:17:09 +0300] "POST /apps/text/session/7649/push HTTP/1.1" 200 22
3.3.3.3 - - [06/Aug/2024:02:17:09 +0300] "POST /apps/text/session/7649/close HTTP/1.1" 200 22
3.3.3.3 - - [06/Aug/2024:02:17:11 +0300] "PUT /apps/text/session/7649/create HTTP/1.1" 401 43
3.3.3.3 - - [06/Aug/2024:02:17:30 +0300] "GET /apps/files/api/v1/stats HTTP/1.1" 401 43
3.3.3.3 - - [06/Aug/2024:02:17:33 +0300] "GET /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/1.1" 401 106
3.3.3.3 - - [06/Aug/2024:02:18:30 +0300] "GET /apps/files/api/v1/stats HTTP/1.1" 401 43
3.3.3.3 - - [06/Aug/2024:02:19:30 +0300] "GET /apps/files/api/v1/stats HTTP/1.1" 401 43
3.3.3.3 - - [06/Aug/2024:02:20:30 +0300] "GET /apps/files/api/v1/stats HTTP/1.1" 401 43
3.3.3.3 - - [06/Aug/2024:02:21:31 +0300] "GET /apps/files/api/v1/stats HTTP/1.1" 401 43
Output errors in nextcloud.log in /var/www/ or as admin user in top right menu, filtering for errors.
When I try to login by ldap users in 50% cases I have:
{"reqId":"ZrEqb-IQDGJ5-nGDSUuI7AAAAMA","level":2,"time":"2024-08-05T19:39:27+00:00","remoteAddr":"1.1.1.1","user":"--","app":"no app in context","method":"POST","url":"/login","message":"Login failed: UserName (Remote IP: 1.1.1.1)","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0","version":"29.0.3.4","data":[]}
In other cases, when I successfully login, my session ends after ~20 minutes with:
{"reqId":"ZrFdc57CV5VLnyqhEPkCDAAAAJA","level":2,"time":"2024-08-05T23:17:07+00:00","remoteAddr":"1.1.1.1","user":"UserName","app":"core","method":"POST","url":"/apps/text/session/7649/push","message":"Login failed: 'UserName' (Remote IP: '1.1.1.1')","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0","version":"29.0.3.4","data":{"app":"core"}}
{"reqId":"ZrFdc57CV5VLnyqhEPkCDAAAAJA","level":2,"time":"2024-08-05T23:17:07+00:00","remoteAddr":"1.1.1.1","user":"UserName","app":"core","method":"POST","url":"/apps/text/session/7649/push","message":"Session token credentials are invalid","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0","version":"29.0.3.4","data":{"app":"core","user":"null"}}
in debug logging:
{"reqId":"ZrE-RZ7CV5VLnyqhEPkBOwAAAJc","level":3,"time":"2024-08-05T21:04:06+00:00","remoteAddr":"1.1.1.1","user":"--","app":"core","method":"POST","url":"/apps/text/session/7649/sync","message":"Renewing session token failed: Token does not exist: 428102fd47393d2022ea841fd95287a168021ae24dbeb461b6284b1571fb9d13becf99dcaf45f8c599194e6e58e2ac7e223687be0e60a294a904b28ed29ef112","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0","version":"29.0.3.4","exception":{"Exception":"OC\\Authentication\\Exceptions\\InvalidTokenException","Message":"Token does not exist: 428102fd47393d2022ea841fd95287a168021ae24dbeb461b6284b1571fb9d13becf99dcaf45f8c599194e6e58e2ac7e223687be0e60a294a904b28ed29ef112","Code":0,"Trace":[{"file":"/usr/local/www/nextcloud/lib/private/Authentication/Token/PublicKeyTokenProvider.php","line":167,"function":"getTokenFromCache","class":"OC\\Authentication\\Token\\PublicKeyTokenProvider","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/usr/local/www/nextcloud/lib/private/Authentication/Token/PublicKeyTokenProvider.php","line":248,"function":"getToken","class":"OC\\Authentication\\Token\\PublicKeyTokenProvider","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/usr/local/www/nextcloud/lib/public/AppFramework/Db/TTransactional.php","line":63,"function":"OC\\Authentication\\Token\\{closure}","class":"OC\\Authentication\\Token\\PublicKeyTokenProvider","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/usr/local/www/nextcloud/lib/private/Authentication/Token/PublicKeyTokenProvider.php","line":247,"function":"atomic","class":"OC\\Authentication\\Token\\PublicKeyTokenProvider","type":"->"},{"file":"/usr/local/www/nextcloud/lib/private/Authentication/Token/Manager.php","line":172,"function":"renewSessionToken","class":"OC\\Authentication\\Token\\PublicKeyTokenProvider","type":"->"},{"file":"/usr/local/www/nextcloud/lib/private/User/Session.php","line":941,"function":"renewSessionToken","class":"OC\\Authentication\\Token\\Manager","type":"->"},{"file":"/usr/local/www/nextcloud/lib/base.php","line":1132,"function":"loginWithCookie","class":"OC\\User\\Session","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/usr/local/www/nextcloud/lib/base.php","line":1039,"function":"handleLogin","class":"OC","type":"::"},{"file":"/usr/local/www/nextcloud/index.php","line":49,"function":"handleRequest","class":"OC","type":"::"}],"File":"/usr/local/www/nextcloud/lib/private/Authentication/Token/PublicKeyTokenProvider.php","Line":196,"message":"Renewing session token failed: Token does notexist: 428102fd47393d2022ea841fd95287a168021ae24dbeb461b6284b1571fb9d13becf99dcaf45f8c599194e6e58e2ac7e223687be0e60a294a904b28ed29ef112","user":"UserName","exception":{},"CustomMessage":"Renewing session token failed: Token does not exist: 428102fd47393d2022ea841fd95287a168021ae24dbeb461b6284b1571fb9d13becf99dcaf45f8c599194e6e58e2ac7e223687be0e60a294a904b28ed29ef112"}}