Hi,
after upgrading owncloud on ubuntu server 20.04 running apache2 and php 7.3 I am unable to login to owncloud when using firefox browser and redirecting traffic through haproxy.
Every time i try to login from firefox (from different machines and firefox profiles even when clearing cache many times), I get thrown back to login screen. In the owncloud log file I get an invalid token error. I have used different users and even the admin but the result is the same.
If I try the same url (through haproxy) on chrome or safari I can login just fine with no issues.
On the same firefox/machine that I have issues I can login just fine when browsing directly to the owncloud server (using either hostname or the ip of the owncloud server)
I tried disabling the MFA and creating new user but the result is the same.
Does anybody have any idea what is going on here?
Steps to reproduce
- Open firefox and navigate to owncloud website using the haproxy url (Not using IP address of server)
- login with credentials and also enter password from authentication (MFA enabled)
- redirected back to login screen
Expected behaviour
able to login
Actual behaviour
redirected back to login screen
Server configuration
Operating system:
ubuntu 20.04
Web server:
Server version: Apache/2.4.29 (Ubuntu)
Server built: 2023-01-31T14:01:53
Database:
mariadb
PHP version:
7.3.3
ownCloud version: (see ownCloud admin page)
10.11.0.6
Updated from an older ownCloud or fresh install:
upgrade from 10.2.0.5
Where did you install ownCloud from:
official website
The content of config/config.php:
{
"system": {
"instanceid": "oct5joa4122m",
"passwordsalt": "***REMOVED SENSITIVE VALUE***",
"secret": "***REMOVED SENSITIVE VALUE***",
"trusted_domains": [
"192.168.XXX.XXX",
"owncloud",
"data.XXXXXXX.com"
],
"datadirectory": "\/var\/www\/html\/owncloud\/data",
"overwrite.cli.url": "http:\/\/192.168.XXX.XXX\/owncloud",
"dbtype": "mysql",
"version": "10.11.0.6",
"dbname": "owncloud",
"dbhost": "localhost",
"dbtableprefix": "oc_",
"dbuser": "***REMOVED SENSITIVE VALUE***",
"dbpassword": "***REMOVED SENSITIVE VALUE***",
"logtimezone": "UTC",
"apps_paths": [
{
"path": "\/var\/www\/html\/owncloud\/apps",
"url": "\/apps",
"writable": false
},
{
"path": "\/var\/www\/html\/owncloud\/apps-external",
"url": "\/apps-external",
"writable": true
}
],
"installed": true,
"theme": "",
"loglevel": 2,
"maintenance": false,
"allow_user_to_change_mail_address": ""
}
}
**List of activated apps:**
If you have access to your command line run e.g.:
sudo -u www-data php occ app:list
from within your ownCloud installation folder.
Enabled:
- audioplayer:
- Version: 2.8.4
- Path: /var/www/html/owncloud/apps-external/audioplayer
- comments:
- Version: 0.3.0
- Path: /var/www/html/owncloud/apps/comments
- configreport:
- Version: 0.2.1
- Path: /var/www/html/owncloud/apps/configreport
- dav:
- Version: 0.7.0
- Path: /var/www/html/owncloud/apps/dav
- external:
- Version: 1.4.0
- Path: /var/www/html/owncloud/apps/external
- extract:
- Version: 1.2.4
- Path: /var/www/html/owncloud/apps-external/extract
- federatedfilesharing:
- Version: 0.5.0
- Path: /var/www/html/owncloud/apps/federatedfilesharing
- federation:
- Version: 0.1.0
- Path: /var/www/html/owncloud/apps/federation
- files:
- Version: 1.5.2
- Path: /var/www/html/owncloud/apps/files
- files_external:
- Version: 0.9.0
- Path: /var/www/html/owncloud/apps/files_external
- files_mediaviewer:
- Version: 1.0.5
- Path: /var/www/html/owncloud/apps/files_mediaviewer
- files_pdfviewer:
- Version: 1.0.1
- Path: /var/www/html/owncloud/apps/files_pdfviewer
- files_sharing:
- Version: 0.14.0
- Path: /var/www/html/owncloud/apps/files_sharing
- files_textviewer:
- Version: 1.0.3
- Path: /var/www/html/owncloud/apps-external/files_textviewer
- files_trashbin:
- Version: 0.9.1
- Path: /var/www/html/owncloud/apps/files_trashbin
- files_versions:
- Version: 1.3.0
- Path: /var/www/html/owncloud/apps/files_versions
- gallery:
- Version: 16.1.2
- Path: /var/www/html/owncloud/apps-external/gallery
- market:
- Version: 0.7.0
- Path: /var/www/html/owncloud/apps/market
- notifications:
- Version: 0.5.4
- Path: /var/www/html/owncloud/apps/notifications
- onlyoffice:
- Version: 3.0.3
- Path: /var/www/html/owncloud/apps-external/onlyoffice
- provisioning_api:
- Version: 0.5.0
- Path: /var/www/html/owncloud/apps/provisioning_api
- systemtags:
- Version: 0.3.0
- Path: /var/www/html/owncloud/apps/systemtags
- twofactor_privacyidea:
- Version: 3.0
- Path: /var/www/html/owncloud/apps-external/twofactor_privacyidea
- twofactor_totp:
- Version: 0.7.4
- Path: /var/www/html/owncloud/apps-external/twofactor_totp
- updatenotification:
- Version: 0.2.1
- Path: /var/www/html/owncloud/apps/updatenotification
Disabled:
- activity:
- Path: /var/www/html/owncloud/apps/activity
- admin_audit:
- Path: /var/www/html/owncloud/apps/admin_audit
- announcementcenter:
- Path: /var/www/html/owncloud/apps/announcementcenter
- customgroups:
- Path: /var/www/html/owncloud/apps/customgroups
- encryption:
- Path: /var/www/html/owncloud/apps/encryption
- enterprise_key:
- Path: /var/www/html/owncloud/apps/enterprise_key
- files_antivirus:
- Path: /var/www/html/owncloud/apps/files_antivirus
- files_classifier:
- Path: /var/www/html/owncloud/apps/files_classifier
- files_external_dropbox:
- Path: /var/www/html/owncloud/apps/files_external_dropbox
- files_external_ftp:
- Path: /var/www/html/owncloud/apps/files_external_ftp
- files_ldap_home:
- Path: /var/www/html/owncloud/apps/files_ldap_home
- files_lifecycle:
- Path: /var/www/html/owncloud/apps/files_lifecycle
- files_texteditor:
- Path: /var/www/html/owncloud/apps/files_texteditor
- firewall:
- Path: /var/www/html/owncloud/apps/firewall
- firstrunwizard:
- Path: /var/www/html/owncloud/apps/firstrunwizard
- graphapi:
- Path: /var/www/html/owncloud/apps/graphapi
- guests:
- Path: /var/www/html/owncloud/apps/guests
- metrics:
- Path: /var/www/html/owncloud/apps/metrics
- music:
- Path: /var/www/html/owncloud/apps-external/music
- oauth2:
- Path: /var/www/html/owncloud/apps/oauth2
- openidconnect:
- Path: /var/www/html/owncloud/apps/openidconnect
- password_policy:
- Path: /var/www/html/owncloud/apps/password_policy
- ransomware_protection:
- Path: /var/www/html/owncloud/apps/ransomware_protection
- sharepoint:
- Path: /var/www/html/owncloud/apps/sharepoint
- systemtags_management:
- Path: /var/www/html/owncloud/apps/systemtags_management
- templateeditor:
- Path: /var/www/html/owncloud/apps/templateeditor
- theme-enterprise:
- Path: /var/www/html/owncloud/apps/theme-enterprise
- user_external:
- Path: /var/www/html/owncloud/apps/user_external
- user_ldap:
- Path: /var/www/html/owncloud/apps/user_ldap
- user_shibboleth:
- Path: /var/www/html/owncloud/apps/user_shibboleth
- web:
- Path: /var/www/html/owncloud/apps/web
- windows_network_drive:
- Path: /var/www/html/owncloud/apps/windows_network_drive
- wopi:
- Path: /var/www/html/owncloud/apps/wopi
- workflow:
- Path: /var/www/html/owncloud/apps/workflow
Client configuration
Browser:
firefox (updated)
Operating system:
ubuntu 20.04, windows 10
Logs
ownCloud log (data/owncloud.log)
":"--","App":"Oc\\Authentication\\Token\\Defaulttokenprovider::Invalidatetoken","M
Ethod":"Get","Url":"\/Index.Php\/Login?Redirect_Url=%252findex.Php%252fapps%252ffiles%252f","Message":"Invalidating Token 0f6e6c05e0f9e8f31ee17b847d4651faa75d4b4ab6776623fwergrrther3q4t3c8fc136465c5c954
0e8ab0970e94477aeeddfa3c6381c7cc7d18005e86werwtwtwtwqt92a4f5"}