[SOLVED] postfixadmin redirects

trscookie · 08-16-2011, 09:38 AM

Hello All,

I have set up postfixadmin (2.3.3) on my server, which has multiple domains. For security I have forced HTTPS however now when I attempt to log in to postfixadmin it just takes me straight back to the login page :S

Does anybody have any ideas what I can do to stop this and just get it to log in? The really weird thing is, if I get my password wrong it notifies me of my error however when i get it correct it just takes me back to the login prompt.

I have also tried setting: $CONF['postfix_admin_url'] = 'https://mydomain.com/postfixadmin' to "" however this takes me back to "https://mydomain.com/login.php"

Here is my postfix config.ini.php:

Code:

$CONF['configured'] = true;
$CONF['setup_password'] = 'YYYYYYYYYYYYYY:XXXXXXXXXXXXXXXXXXXXXXXXX';
$CONF['postfix_admin_url'] = 'https://mydomain.com/postfixadmin';
$CONF['postfix_admin_path'] = dirname(__FILE__);
$CONF['default_language'] = 'en';
$CONF['database_type'] = 'mysqli';
$CONF['database_host'] = 'localhost';
$CONF['database_user'] = 'postfix';
$CONF['database_password'] = 'mypassword';
$CONF['database_name'] = 'postfix';
$CONF['database_prefix'] = '';
$CONF['database_tables'] = array (
    'admin' => 'admin',
    'alias' => 'alias',
    'alias_domain' => 'alias_domain',
    'config' => 'config',
    'domain' => 'domain',
    'domain_admins' => 'domain_admins',
    'fetchmail' => 'fetchmail',
    'log' => 'log',
    'mailbox' => 'mailbox',
    'vacation' => 'vacation',
    'vacation_notification' => 'vacation_notification',
    'quota' => 'quota',
    'quota2' => 'quota2',
);
$CONF['admin_email'] = 'admin@mydomain.com';
$CONF['smtp_server'] = 'localhost';
$CONF['smtp_port'] = '25';
$CONF['encrypt'] = 'dovecot:CRAM-MD5';
$CONF['authlib_default_flavor'] = 'md5raw';
$CONF['dovecotpw'] = "/usr/sbin/dovecotpw";
$CONF['min_password_length'] = 5;
$CONF['generate_password'] = 'NO';
$CONF['show_password'] = 'NO';
$CONF['page_size'] = '10';
$CONF['default_aliases'] = array (
    'abuse' => 'admin@mydomain.com',
    'hostmaster' => 'admin@mydomain.com',
    'postmaster' => 'admin@mydomain.com',
    'webmaster' => 'admin@mydomain.com'
);
$CONF['domain_path'] = 'YES';
$CONF['domain_in_mailbox'] = 'NO';
$CONF['maildir_name_hook'] = 'NO';
$CONF['aliases'] = '100';
$CONF['mailboxes'] = '100';
$CONF['maxquota'] = '100';
$CONF['quota'] = 'YES';
$CONF['quota_multiplier'] = '1024000';
$CONF['transport'] = 'NO';
$CONF['transport_options'] = array (
);
$CONF['transport_default'] = 'virtual';
$CONF['vacation'] = 'NO';
$CONF['vacation_domain'] = 'autoreply.change-this-to-your.domain.tld';
$CONF['vacation_control'] ='YES';
$CONF['vacation_control_admin'] = 'YES';
$CONF['alias_control'] = 'NO';
$CONF['alias_control_admin'] = 'NO';
$CONF['special_alias_control'] = 'NO';
$CONF['alias_goto_limit'] = '0';
$CONF['alias_domain'] = 'YES';
$CONF['backup'] = 'YES';
$CONF['sendmail'] = 'YES';
$CONF['logging'] = 'YES';
$CONF['fetchmail'] = 'NO';
$CONF['fetchmail_extra_options'] = 'NO';
$CONF['show_header_text'] = 'NO';
$CONF['header_text'] = ':: Postfix Admin ::';
$CONF['show_footer_text'] = 'YES';
$CONF['footer_text'] = 'Return to change-this-to-your.domain.tld';
$CONF['welcome_text'] = <<<EOM
Hi,
Welcome to your new account.
EOM;
$CONF['emailcheck_resolve_domain']='YES';
$CONF['show_status']='NO';
$CONF['show_status_key']='NO';
$CONF['show_status_text']='&nbsp;&nbsp;';
$CONF['show_undeliverable']='NO';
$CONF['show_undeliverable_color']='tomato';
$CONF['show_undeliverable_exceptions']=array("unixmail.domain.ext","exchangeserver.domain.ext","gmail.com");
$CONF['show_popimap']='NO';
$CONF['show_popimap_color']='darkgrey';
$CONF['show_custom_domains']=array("subdomain.domain.ext","domain2.ext");
$CONF['show_custom_colors']=array("lightgreen","lightblue");
$CONF['recipient_delimiter'] = "";
$CONF['create_mailbox_subdirs_prefix']='INBOX.';
$CONF['used_quotas'] = 'YES';
$CONF['new_quota_table'] = 'NO';
$CONF['theme_logo'] = 'images/logo-default.png';
$CONF['theme_css'] = 'css/default.css';
$CONF['xmlrpc_enabled'] = false;
if (file_exists(dirname(__FILE__) . '/config.local.php')) {
    include(dirname(__FILE__) . '/config.local.php');
}

HTTPD SSL config:

Code:

 <VirtualHost *:443>
   ServerName www.mydomain.com
   ServerAlias *.mydomain.com mydomain.co.uk *.mydomain.co.uk mydomain.com
   DocumentRoot /var/www/html/folder/mydomain
   ErrorLog logs/ssl_error_log
   TransferLog logs/ssl_access_log
   LogLevel warn
   SSLEngine on
   SSLProtocol all -SSLv2
   SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
   SSLCertificateFile /etc/pki/tls/certs/localhost.crt
   SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
   <Files ~ "\.(cgi|shtml|phtml|php3?)$">
       SSLOptions +StdEnvVars
   </Files>
   <Directory /usr/share/postfixadmin>
     SSLVerifyDepth 1
     Order deny,allow
     Allow from all
     Options Includes FollowSymLinks
   </Directory>
 
   SetEnvIf User-Agent ".*MSIE.*" \
            nokeepalive ssl-unclean-shutdown \
            downgrade-1.0 force-response-1.0
   CustomLog logs/ssl_request_log \
             "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
 </VirtualHost>

I have also noticed that it is doing some re-direct, but Im not sure why and if this could be part of the issue:

Code:

$ curl -v -v -v https://mydomain.com/postfixadmin/login.php -k -d "fUsername=myname@mydomain.com&fPassword=mypassword"
* About to connect() to mydomain.com port 443 (#0)
*   Trying xx.xx.xx.48... connected
* Connected to mydomain.com (xx.xx.xx.48) port 443 (#0)
* successfully set certificate verify locations:
*   CAfile: none
  CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server key exchange (12):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using DHE-RSA-AES256-SHA
* Server certificate:
* 	 subject: C=--; ST=SomeState; L=SomeCity; O=SomeOrganization; OU=SomeOrganizationalUnit; CN=servername.live-servers.net; emailAddress=root@servername.live-servers.net
* 	 start date: 2011-04-17 14:16:51 GMT
* 	 expire date: 2012-04-16 14:16:51 GMT
* 	 common name: servername.live-servers.net (does not match 'mydomain.com')
* 	 issuer: C=--; ST=SomeState; L=SomeCity; O=SomeOrganization; OU=SomeOrganizationalUnit; CN=servername.live-servers.net; emailAddress=root@servername.live-servers.net
* 	 SSL certificate verify result: self signed certificate (18), continuing anyway.
> POST /postfixadmin/login.php HTTP/1.1
> User-Agent: curl/7.19.7 (i486-pc-linux-gnu) libcurl/7.19.7 OpenSSL/0.9.8k zlib/1.2.3.3 libidn/1.15
> Host: mydomain.com
> Accept: */*
> Content-Length: 57
> Content-Type: application/x-www-form-urlencoded
> 
< HTTP/1.1 302 Found
< Date: Tue, 16 Aug 2011 14:52:21 GMT
< Server: Apache/2.2.3 (CentOS)
< X-Powered-By: PHP/5.2.10
< Set-Cookie: PHPSESSID=8g9v6ad94qjj67kk74asdasd04n6; path=/
< Expires: Thu, 19 Nov 1981 08:52:00 GMT
< Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
< Pragma: no-cache
< Set-Cookie: lang=deleted; expires=Mon, 16-Aug-2010 14:52:20 GMT
< Set-Cookie: PHPSESSID=iidomt0fiod13asdasdvlv8blb13; path=/
< Location: main.php
< Content-Length: 0
< Connection: close
< Content-Type: text/html; charset=UTF-8
< 
* Closing connection #0
* SSLv3, TLS alert, Client hello (1):

Many thanks in advance,
trscookie

timur91 · 08-16-2011, 10:11 AM

did you try to login via http? does it work? do you get any errors in the error log? maybe it' a cookie/session error

Please check

java socket

trscookie · 08-16-2011, 10:42 AM

Oddly I have started to get the following:

Code:

This web page has a redirect loop
The web page at http://www.mydomain.com/postfixadmin has resulted in too many redirects. Clearing your cookies for this site or allowing third-party cookies may fix the problem. If not, it is possibly a server configuration issue and not a problem with your computer.
Here are some suggestions:
Reload this web page later.
Learn more about this problem.
Error 310 (net::ERR_TOO_MANY_REDIRECTS): There were too many redirects.

Although I cant seem to find out why in my apache.conf, I have removed SSL all together and there are no repeat links :S, im sure its something daft!

trscookie · 08-16-2011, 10:47 AM

NM, it was something daft. I was re-directing back to my postfixadmin page. Although now I have corrected the re-direct, when I correctly login it just sends me back to the login page :\ any ideas?

trscookie · 08-16-2011, 12:40 PM

OK, I discovered that it was because I had the following set:

Code:

User apache
Group apache
Group svn
Group www

Which I have changed to:

Code:

User apache
Group apache
#Group svn
#Group www

Which is working now, is there a way to allow multiple Groups in apache?

Many thanks,

trscookie.

timur91 · 08-17-2011, 11:57 AM

Quote:

Originally Posted by trscookie

Which is working now, is there a way to allow multiple Groups in apache?

Many thanks,

trscookie.

You can't have a process run under multiple groups. If you want apache to be able to write to files owned by those 2 groups then you need to add the apache user into the 2 groups:

Code:

useradd -G {group-name} username

java socket

kamalpalei · 03-21-2013, 07:21 AM

Hi All
I am experiencing same issue.
I am trying to login to postfixadmin.
It just redirects login.php only.

Can somebody explain me what is process running in respect user/group such as mentioned in one of the posts apache/svn/www etc.

Thanks
kamal