OroCRM Forums

Covering OroCRM topics, including community updates and company announcements.

This topic contains 2 replies, has 1 voice, and was last updated by  mttjohnson 7 years, 11 months ago.

Starting from March 1, 2020 the forum has been switched to the read-only mode. Please head to StackOverflow for support.

  • Creator
    Topic
  • #27106

    mttjohnson
    Participant

    After a fresh local install (OroCRM 1.9 from archive) I went to the site to login for the first time and just keep getting redirected to the login page when submitting the login. There isn’t any error indicated when submitting the login.

    It posts data to /user/login-check but gets a 302 and redirected to http://orocrm-fresh.dev/user/login

    I check for logs and am not finding any entries.

    I hooked up my IDE to debug the issue and found that orocrm/vendor/symfony/symfony/src/Symfony/Component/Security/Http/Firewall/UsernamePasswordFormAuthenticationListener.php is executing attemptAuthentication() and throwing ‘Invalid CSRF token.’

    I also noticed that the logger is supposed to be logging this to orocrm/app/logs/prod.log but no log file is getting written there for some reason.

    Digging into the ‘Invalid CSRF token’ error I found that the login was sending over a CSRF token in the form submission, but it was failing to retrieve a CSRF token from the session storage to compare it against.
    \Symfony\Component\Security\Csrf\CsrfTokenManager::isTokenValid

    In my parameters.yml file I have this set for the session_handler
    session_handler: session.handler.native_file

    The default path for session storage is orocrm/app/cache/sessions and I’m seeing files created in the path that match the cookie in my browser, but all the files are 0 bytes.
    -rw——-. 1 501 80 0 Apr 29 23:07 sess_1jp8t2dosb010ruuf8ee01lno6
    -rw——-. 1 501 80 0 Apr 30 23:47 sess_6uh478qgjrk0offu5a6sv50q75
    -rw——-. 1 501 80 0 Apr 30 23:48 sess_duko8tpdcs9nupf8ker0707gk0

    My server environment (CentOS 6, NginX, PHP-FPM PHP 5.6) is running inside a vm using vagrant to share my local files with the vm over an NFS mount.

    At this point I’m thinking that I might have some file permission issues because of the NFS mount. I find it odd though that the application can create the files, but not write to them after it creates them.

    Is there somewhere that define what permissions are set on files that could be causing it to be read/write only for the owner of the file and then preventing any additional writes?

Viewing 2 replies - 1 through 2 (of 2 total)
  • Author
    Replies
  • #27107

    mttjohnson
    Participant

    I’d also like to complain about the forum here, as when I included all the contents in my initial post the submit button would end up getting hidden off to the right when it generated the preview making it really hard to submit stuff on this forum. I basically had to scroll down and hit the submit before it rendered any part of the preview for my entire message to get it submitted.

    #27108

    mttjohnson
    Participant

    I reinstalled under a different path that was not a part of the NFS share where I could control the permissions to match what php-fpm was set to use, and I was able to successfully login. I wrote the session data correctly. It might be beneficial to have some kind of check in place to verify that everything is writeable where it is necessary such as the session storage, otherwise trying to diagnose this on a new install is very difficult.

    For diagnosing this behavior of login page redirects it would be good to make sure that session data is getting written to the session files in app/cache/sessions/

Viewing 2 replies - 1 through 2 (of 2 total)

The forum ‘OroCRM – Installation/Technical Issues or Problems’ is closed to new topics and replies.

Back to top