Hi Guys,
I am having a reproducible situation where I click on the "Login to Control Panel" button in WHMCS which is supposed to use the session based login to go right into the Virtualmin Virtual Server Admin login area. What is happening from a freshly opened IE 9 browser is a 500 error is received after the first click on "Login to Control Panel". I then refresh the tab showing the 500 error and I see the login area. I then go back to my WHMCS Product Details and click on the button again, this time it logs me in without issue. Once I am able to successfully login it is difficult to reproduce the error.
I am also able to reproduce this in FF, but instead of a server 500 error I get an error about cookies until I successfully login manually with the username and password and then logout and try again from the "Login to Control Panel" button.
I have not been able to spot any errors in the Webmin logged actions.
Please let me know if there is a simple solution to this or where to look for possible causes.
~Jeremy
Comments
Submitted by xtremeservices on Fri, 08/19/2011 - 00:14 Comment #1
Update -
I get the following in auth.log when the 500 error displays :
Aug 18 22:11:03 mars perl[17407]: pam_unix(webmin:session): session opened for user jeremiahbrock.com by (uid=0)
~Jeremy
Submitted by xtremeservices on Fri, 08/19/2011 - 00:26 Comment #2
-- Update
When I completely close out of IE, open a fresh browser and try the session login which results in a 500 error message, I see the following in auth.log :
Aug 18 22:21:17 mars perl[17713]: pam_unix(webmin:session): session opened for user jeremiahbrock.com by (uid=0)
When I refresh the tab showing the 500 message I get :
Aug 18 22:21:36 mars webmin[17712]: Invalid login as from 69.33.169.227
When I try to login via the "Login to Control Panel" again I get the following :
Aug 18 22:21:42 mars perl[17718]: pam_unix(webmin:session): session opened for user jeremiahbrock.com by (uid=0) Aug 18 22:21:42 mars webmin[17718]: Successful login as jeremiahbrock.com from 69.33.169.227
~Jeremy
Submitted by JamieCameron on Fri, 08/19/2011 - 00:32 Comment #3
This may be because WHMCS isn't passing the testing cooking parameter ..
To avoid the need for this, try editing
/etc/webmin/miniserv.conf
and adding the line no_testing_cookie=1 , then running/etc/webmin/restart
Submitted by xtremeservices on Fri, 08/19/2011 - 00:39 Comment #4
Hi Jamie,
You rock, that fixed it!!
Would you mind pointing me to some documentation or give an example of the proper parameters to be passed so I can pass it on to Matt at WHMCS?
Thanx,
~Jeremy
Submitted by JamieCameron on Fri, 08/19/2011 - 00:42 Comment #5
Great!
WHMCS should pass the notestingcookie=1 parameter to session_login.cgi along with the username and password..
Submitted by xtremeservices on Fri, 08/19/2011 - 00:46 Comment #6
Thanks!
Submitted by xtremeservices on Sat, 08/20/2011 - 12:38 Comment #7
Hi Jamie,
I might need this re-opened now that I am experiencing something similar. After about 12 hours or so the session login quit working altogether. Users were brought to the login with the username filled in. To resolve this I restarted webmin. Please advise.
~Jeremy
Submitted by JamieCameron on Sat, 08/20/2011 - 15:50 Comment #8
So has whmcs been updated with the fix I suggested?
Submitted by xtremeservices on Sat, 08/20/2011 - 16:47 Comment #9
Hi Jamie,
No, WHMCS has not been updated, I am bypassing the cookie check with your recommendation that works in the miniserv.conf. There seems to be an issue where the webmin side of things quits accepting session based logins and needs to be restarted.
~Jeremy
Submitted by JamieCameron on Sat, 08/20/2011 - 18:33 Comment #10
That is unusual .. I would be interested to know if any errors are logged to /var/webmin/miniserv.error , in particular about failed logins. That's the only reason I can think of for this to happen..
Submitted by Issues on Sat, 09/03/2011 - 18:47 Comment #11
Automatically closed -- issue fixed for 2 weeks with no activity.
Submitted by xtremeservices on Fri, 09/09/2011 - 12:23 Comment #12
Hi Jamie,
Sorry to re-open this but the issue is back. The only work around I have been able to find is to have a cron job that kicks off a restart of webmin every hour. This is a bandaid when there should be a cure. I am not receiving any errors in /var/webmin/miniserv.error.
Please let me know if there is something else I can try.
I am using the WHMCS module with the patch to send the notestingcookie=1
Look forward to your response,
~Jeremy
Submitted by JamieCameron on Fri, 09/09/2011 - 13:15 Comment #13
Ok, I know why this happens now .. the real issue is that remote API calls (such as those made by WHMCS) don't restart Webmin properly, causing new users to not be activated,
The upcoming 3.88 Virtualmin release will fix this.
Submitted by xtremeservices on Fri, 09/09/2011 - 13:18 Comment #14
Has anyone told you today how awesome your support is?
I am very pleased to here this will be fixed.
~Jeremy