LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 08-16-2011, 09:38 AM   #1
trscookie
Member
 
Registered: Apr 2004
Location: oxford
Distribution: gentoo
Posts: 438

Rep: Reputation: 30
Unhappy postfixadmin redirects


Hello All,

I have set up postfixadmin (2.3.3) on my server, which has multiple domains. For security I have forced HTTPS however now when I attempt to log in to postfixadmin it just takes me straight back to the login page :S

Does anybody have any ideas what I can do to stop this and just get it to log in? The really weird thing is, if I get my password wrong it notifies me of my error however when i get it correct it just takes me back to the login prompt.

I have also tried setting: $CONF['postfix_admin_url'] = 'https://mydomain.com/postfixadmin' to "" however this takes me back to "https://mydomain.com/login.php"

Here is my postfix config.ini.php:

Code:
$CONF['configured'] = true;
$CONF['setup_password'] = 'YYYYYYYYYYYYYY:XXXXXXXXXXXXXXXXXXXXXXXXX';
$CONF['postfix_admin_url'] = 'https://mydomain.com/postfixadmin';
$CONF['postfix_admin_path'] = dirname(__FILE__);
$CONF['default_language'] = 'en';
$CONF['database_type'] = 'mysqli';
$CONF['database_host'] = 'localhost';
$CONF['database_user'] = 'postfix';
$CONF['database_password'] = 'mypassword';
$CONF['database_name'] = 'postfix';
$CONF['database_prefix'] = '';
$CONF['database_tables'] = array (
    'admin' => 'admin',
    'alias' => 'alias',
    'alias_domain' => 'alias_domain',
    'config' => 'config',
    'domain' => 'domain',
    'domain_admins' => 'domain_admins',
    'fetchmail' => 'fetchmail',
    'log' => 'log',
    'mailbox' => 'mailbox',
    'vacation' => 'vacation',
    'vacation_notification' => 'vacation_notification',
    'quota' => 'quota',
    'quota2' => 'quota2',
);
$CONF['admin_email'] = 'admin@mydomain.com';
$CONF['smtp_server'] = 'localhost';
$CONF['smtp_port'] = '25';
$CONF['encrypt'] = 'dovecot:CRAM-MD5';
$CONF['authlib_default_flavor'] = 'md5raw';
$CONF['dovecotpw'] = "/usr/sbin/dovecotpw";
$CONF['min_password_length'] = 5;
$CONF['generate_password'] = 'NO';
$CONF['show_password'] = 'NO';
$CONF['page_size'] = '10';
$CONF['default_aliases'] = array (
    'abuse' => 'admin@mydomain.com',
    'hostmaster' => 'admin@mydomain.com',
    'postmaster' => 'admin@mydomain.com',
    'webmaster' => 'admin@mydomain.com'
);
$CONF['domain_path'] = 'YES';
$CONF['domain_in_mailbox'] = 'NO';
$CONF['maildir_name_hook'] = 'NO';
$CONF['aliases'] = '100';
$CONF['mailboxes'] = '100';
$CONF['maxquota'] = '100';
$CONF['quota'] = 'YES';
$CONF['quota_multiplier'] = '1024000';
$CONF['transport'] = 'NO';
$CONF['transport_options'] = array (
);
$CONF['transport_default'] = 'virtual';
$CONF['vacation'] = 'NO';
$CONF['vacation_domain'] = 'autoreply.change-this-to-your.domain.tld';
$CONF['vacation_control'] ='YES';
$CONF['vacation_control_admin'] = 'YES';
$CONF['alias_control'] = 'NO';
$CONF['alias_control_admin'] = 'NO';
$CONF['special_alias_control'] = 'NO';
$CONF['alias_goto_limit'] = '0';
$CONF['alias_domain'] = 'YES';
$CONF['backup'] = 'YES';
$CONF['sendmail'] = 'YES';
$CONF['logging'] = 'YES';
$CONF['fetchmail'] = 'NO';
$CONF['fetchmail_extra_options'] = 'NO';
$CONF['show_header_text'] = 'NO';
$CONF['header_text'] = ':: Postfix Admin ::';
$CONF['show_footer_text'] = 'YES';
$CONF['footer_text'] = 'Return to change-this-to-your.domain.tld';
$CONF['welcome_text'] = <<<EOM
Hi,
Welcome to your new account.
EOM;
$CONF['emailcheck_resolve_domain']='YES';
$CONF['show_status']='NO';
$CONF['show_status_key']='NO';
$CONF['show_status_text']='&nbsp;&nbsp;';
$CONF['show_undeliverable']='NO';
$CONF['show_undeliverable_color']='tomato';
$CONF['show_undeliverable_exceptions']=array("unixmail.domain.ext","exchangeserver.domain.ext","gmail.com");
$CONF['show_popimap']='NO';
$CONF['show_popimap_color']='darkgrey';
$CONF['show_custom_domains']=array("subdomain.domain.ext","domain2.ext");
$CONF['show_custom_colors']=array("lightgreen","lightblue");
$CONF['recipient_delimiter'] = "";
$CONF['create_mailbox_subdirs_prefix']='INBOX.';
$CONF['used_quotas'] = 'YES';
$CONF['new_quota_table'] = 'NO';
$CONF['theme_logo'] = 'images/logo-default.png';
$CONF['theme_css'] = 'css/default.css';
$CONF['xmlrpc_enabled'] = false;
if (file_exists(dirname(__FILE__) . '/config.local.php')) {
    include(dirname(__FILE__) . '/config.local.php');
}

HTTPD SSL config:
Code:
 <VirtualHost *:443>
   ServerName www.mydomain.com
   ServerAlias *.mydomain.com mydomain.co.uk *.mydomain.co.uk mydomain.com
   DocumentRoot /var/www/html/folder/mydomain
   ErrorLog logs/ssl_error_log
   TransferLog logs/ssl_access_log
   LogLevel warn
   SSLEngine on
   SSLProtocol all -SSLv2
   SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
   SSLCertificateFile /etc/pki/tls/certs/localhost.crt
   SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
   <Files ~ "\.(cgi|shtml|phtml|php3?)$">
       SSLOptions +StdEnvVars
   </Files>
   <Directory /usr/share/postfixadmin>
     SSLVerifyDepth 1
     Order deny,allow
     Allow from all
     Options Includes FollowSymLinks
   </Directory>
 
   SetEnvIf User-Agent ".*MSIE.*" \
            nokeepalive ssl-unclean-shutdown \
            downgrade-1.0 force-response-1.0
   CustomLog logs/ssl_request_log \
             "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
 </VirtualHost>

I have also noticed that it is doing some re-direct, but Im not sure why and if this could be part of the issue:

Code:
$ curl -v -v -v https://mydomain.com/postfixadmin/login.php -k -d "fUsername=myname@mydomain.com&fPassword=mypassword"
* About to connect() to mydomain.com port 443 (#0)
*   Trying xx.xx.xx.48... connected
* Connected to mydomain.com (xx.xx.xx.48) port 443 (#0)
* successfully set certificate verify locations:
*   CAfile: none
  CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server key exchange (12):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using DHE-RSA-AES256-SHA
* Server certificate:
* 	 subject: C=--; ST=SomeState; L=SomeCity; O=SomeOrganization; OU=SomeOrganizationalUnit; CN=servername.live-servers.net; emailAddress=root@servername.live-servers.net
* 	 start date: 2011-04-17 14:16:51 GMT
* 	 expire date: 2012-04-16 14:16:51 GMT
* 	 common name: servername.live-servers.net (does not match 'mydomain.com')
* 	 issuer: C=--; ST=SomeState; L=SomeCity; O=SomeOrganization; OU=SomeOrganizationalUnit; CN=servername.live-servers.net; emailAddress=root@servername.live-servers.net
* 	 SSL certificate verify result: self signed certificate (18), continuing anyway.
> POST /postfixadmin/login.php HTTP/1.1
> User-Agent: curl/7.19.7 (i486-pc-linux-gnu) libcurl/7.19.7 OpenSSL/0.9.8k zlib/1.2.3.3 libidn/1.15
> Host: mydomain.com
> Accept: */*
> Content-Length: 57
> Content-Type: application/x-www-form-urlencoded
> 
< HTTP/1.1 302 Found
< Date: Tue, 16 Aug 2011 14:52:21 GMT
< Server: Apache/2.2.3 (CentOS)
< X-Powered-By: PHP/5.2.10
< Set-Cookie: PHPSESSID=8g9v6ad94qjj67kk74asdasd04n6; path=/
< Expires: Thu, 19 Nov 1981 08:52:00 GMT
< Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
< Pragma: no-cache
< Set-Cookie: lang=deleted; expires=Mon, 16-Aug-2010 14:52:20 GMT
< Set-Cookie: PHPSESSID=iidomt0fiod13asdasdvlv8blb13; path=/
< Location: main.php
< Content-Length: 0
< Connection: close
< Content-Type: text/html; charset=UTF-8
< 
* Closing connection #0
* SSLv3, TLS alert, Client hello (1):
Many thanks in advance,
trscookie

Last edited by trscookie; 08-16-2011 at 09:52 AM.
 
Old 08-16-2011, 10:11 AM   #2
timur91
Member
 
Registered: Aug 2011
Posts: 42

Rep: Reputation: Disabled
did you try to login via http? does it work? do you get any errors in the error log? maybe it' a cookie/session error

Please check

java socket

Last edited by timur91; 01-05-2012 at 05:27 AM.
 
Old 08-16-2011, 10:42 AM   #3
trscookie
Member
 
Registered: Apr 2004
Location: oxford
Distribution: gentoo
Posts: 438

Original Poster
Rep: Reputation: 30
Oddly I have started to get the following:

Code:
This web page has a redirect loop
The web page at http://www.mydomain.com/postfixadmin has resulted in too many redirects. Clearing your cookies for this site or allowing third-party cookies may fix the problem. If not, it is possibly a server configuration issue and not a problem with your computer.
Here are some suggestions:
Reload this web page later.
Learn more about this problem.
Error 310 (net::ERR_TOO_MANY_REDIRECTS): There were too many redirects.
Although I cant seem to find out why in my apache.conf, I have removed SSL all together and there are no repeat links :S, im sure its something daft!
 
Old 08-16-2011, 10:47 AM   #4
trscookie
Member
 
Registered: Apr 2004
Location: oxford
Distribution: gentoo
Posts: 438

Original Poster
Rep: Reputation: 30
NM, it was something daft. I was re-directing back to my postfixadmin page. Although now I have corrected the re-direct, when I correctly login it just sends me back to the login page :\ any ideas?
 
Old 08-16-2011, 12:40 PM   #5
trscookie
Member
 
Registered: Apr 2004
Location: oxford
Distribution: gentoo
Posts: 438

Original Poster
Rep: Reputation: 30
OK, I discovered that it was because I had the following set:

Code:
User apache
Group apache
Group svn
Group www

Which I have changed to:
Code:
User apache
Group apache
#Group svn
#Group www
Which is working now, is there a way to allow multiple Groups in apache?

Many thanks,


trscookie.
 
Old 08-17-2011, 11:57 AM   #6
timur91
Member
 
Registered: Aug 2011
Posts: 42

Rep: Reputation: Disabled
Quote:
Originally Posted by trscookie View Post

Which is working now, is there a way to allow multiple Groups in apache?

Many thanks,


trscookie.
You can't have a process run under multiple groups. If you want apache to be able to write to files owned by those 2 groups then you need to add the apache user into the 2 groups:
Code:
useradd -G {group-name} username
java socket

Last edited by timur91; 01-05-2012 at 05:28 AM.
 
1 members found this post helpful.
Old 03-21-2013, 07:21 AM   #7
kamalpalei
LQ Newbie
 
Registered: Mar 2013
Posts: 1

Rep: Reputation: Disabled
Hi All
I am experiencing same issue.
I am trying to login to postfixadmin.
It just redirects login.php only.


Can somebody explain me what is process running in respect user/group such as mentioned in one of the posts apache/svn/www etc.

Thanks
kamal
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
postfixadmin paul_mat Linux - Software 4 03-02-2011 02:52 AM
LXer: Securing PostfixAdmin LXer Syndicated Linux News 0 02-08-2010 01:20 PM
LXer: PostfixAdmin on Ubuntu 9.10 LXer Syndicated Linux News 0 12-18-2009 12:20 AM
postfixadmin | does not show emails anarxi Linux - Server 0 01-27-2009 07:12 AM
postfixadmin ? prayag_pjs Linux - Newbie 4 02-03-2008 11:05 PM


All times are GMT -5. The time now is 11:29 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration