virtual hosts and kolab/horde
Gavin McCullagh
gavin.mccullagh at gcd.ie
Wed Mar 24 14:14:30 CET 2010
Hi,
we're trying to set up Horde to work on several domains for related
organisations with different domains. It would be preferable to offer
horde on mail.<domain>.<tld> for each domain, rather than making them all
login to the same address.
We've got certificates for each domain and I've assigned an extra IP
address for each domain (as you can't easily do name-based SSL vhosts).
This all works fine.
In order not to change the default kolab at all, I've added a vhost to
/kolab/etc/kolab/templates/httpd.local.template which over-rides things
like the 403 error page, see below.
When I go to login to the vhost, the initial authentication works (I don't
get an auth failed error on the subsequent login page and watching the ldap
traffic with wireshark). However, I keep getting redirected back out onto
The apache access logs show me connecting (see below), there are no apache
errors. The horde.log and php-errors.log are also below.
Can anyone see what I'm doing wrong? Is there a problem with using Horde
on multiple hosts in this way?
Gavin
#######################################################################
NameVirtualHost 172.20.1.174:443
<VirtualHost 172.20.1.174:443>
ServerName mail.<domain>.<tld>
DocumentRoot /kolab/var/kolab/www
ErrorLog /kolab/var/apache/log/mail.<domain>.<tld>/apache-error.log
CustomLog /kolab/var/apache/log/mail.<domain>.<tld>/apache-access.log common
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /kolab/etc/kolab/ssl/mail.<domain>.<tld>/mail.<domain>.<tld>.cert
SSLCertificateKeyFile /kolab/etc/kolab/ssl/mail.<domain>.<tld>/mail.<domain>.<tld>.key
RewriteEngine On
RewriteOptions inherit
<Files ~ "\.(cgi|shtml|phtml|php4|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Location "/">
ErrorDocument 403 https://mail.<domain>.<tld>/admin/
</Location>
<Location "/admin">
SSLRequireSSL
</Location>
<Location "/client">
ErrorDocument 403 https://mail.<domain>.<tld>/client/
SSLRequireSSL
</Location>
<Location "/fbview">
ErrorDocument 403 https://mail.<domain>.<tld>/fbview/
SSLRequireSSL
</Location>
RewriteEngine On
RewriteOptions inherit
<Files ~ "\.(cgi|shtml|phtml|php4|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/kolab/var/kolab/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
</VirtualHost>
#######################################################################
/kolab/var/apache/log/mail.<domain>.<tld>/apache-access.log:
me.domain.tld - - [24/Mar/2010:13:04:08 +0000] "POST /client/imp/redirect.php HTTP/1.1" 302 26
me.domain.tld - - [24/Mar/2010:13:04:11 +0000] "GET /client/index.php?url=https%3A%2F%2Fmail.<domain>.<tld>%2Fclient%2F HTTP/1.1" 302 26
me.domain.tld - - [24/Mar/2010:13:04:11 +0000] "GET /client/login.php HTTP/1.1" 302 26
me.domain.tld - - [24/Mar/2010:13:04:12 +0000] "GET /client/imp/login.php HTTP/1.1" 200 3289
/var/log/kolab/client/log/horde.log:
Mar 24 13:08:05 HORDE [debug] [imp] Hook _prefs_change_hook_last_login in application horde not called. [pid 11541 on line 1683 of "/kolab/var/kolab/www/client/lib/Horde.php"]
Mar 24 13:08:06 HORDE [notice] [imp] Login success for gavin.mccullagh@<mydomain>.<tld> [172.16.1.3] to {<servername>.<mydomain>.<tld>:143 [imap/notls/novalidate-cert]} [pid 11541 on line 304 of "/kolab/var/kolab/www/client/imp/lib/Session.php"]
Mar 24 13:08:06 HORDE [debug] [imp] Hook _prefs_change_hook_last_maintenance in application horde not called. [pid 11541 on line 1683 of "/kolab/var/kolab/www/client/lib/Horde.php"]
Mar 24 13:08:06 HORDE [debug] [imp] Max memory usage: 19660800 bytes [pid 11541 on line 339 of "/kolab/var/kolab/www/client/lib/Horde/Registry.php"]
Mar 24 13:08:06 HORDE [debug] [imp] IMAP errors: SECURITY PROBLEM: insecure server advertised AUTH=PLAIN SECURITY PROBLEM: insecure server advertised AUTH=PLAIN [pid 11541 on line 175 of "/kolab/var/kolab/www/client/imp/lib/IMAP.php"]
Mar 24 13:08:08 HORDE [debug] [horde] Max memory usage: 7864320 bytes [pid 11541 on line 339 of "/kolab/var/kolab/www/client/lib/Horde/Registry.php"]
Mar 24 13:08:08 HORDE [debug] [horde] Max memory usage: 7864320 bytes [pid 11541 on line 339 of "/kolab/var/kolab/www/client/lib/Horde/Registry.php"]
Mar 24 13:08:08 HORDE [debug] [kronolith] Hook _horde_hook_share_init in application horde not called. [pid 11541 on line 1683 of "/kolab/var/kolab/www/client/lib/Horde.php"]
Mar 24 13:08:08 HORDE [error] [kronolith] IMAP error. Server: <servername>.<mydomain>.<tld>. Error: IMAP Authentication cancelled [pid 11541 on line 1330 of "/kolab/var/kolab/www/client/kronolith/lib/Kronolith.php"]
Mar 24 13:08:08 HORDE [debug] [kronolith] Hook _prefs_change_hook_display_remote_cals in application horde not called. [pid 11541 on line 1683 of "/kolab/var/kolab/www/client/lib/Horde.php"]
Mar 24 13:08:08 HORDE [debug] [kronolith] Guest user does not have READ permission for turba [pid 11541 on line 814 of "/kolab/var/kolab/www/client/lib/Horde/Registry.php"]
Mar 24 13:08:08 HORDE [debug] [kronolith] Guest user does not have READ permission for nag [pid 11541 on line 814 of "/kolab/var/kolab/www/client/lib/Horde/Registry.php"]
Mar 24 13:08:08 HORDE [debug] [kronolith] Hook _prefs_change_hook_display_external_cals in application horde not called. [pid 11541 on line 1683 of "/kolab/var/kolab/www/client/lib/Horde.php"]
Mar 24 13:08:08 HORDE [debug] [kronolith] Hook _prefs_change_hook_display_cals in application horde not called. [pid 11541 on line 1683 of "/kolab/var/kolab/www/client/lib/Horde.php"]
Mar 24 13:08:08 HORDE [debug] [nag] Hook _horde_hook_share_init in application horde not called. [pid 11541 on line 1683 of "/kolab/var/kolab/www/client/lib/Horde.php"]
Mar 24 13:08:08 HORDE [error] [nag] IMAP error. Server: <servername>.<mydomain>.<tld>. Error: IMAP Authentication cancelled [pid 11541 on line 281 of "/kolab/var/kolab/www/client/nag/lib/Nag.php"]
Mar 24 13:08:08 HORDE [error] [nag] IMAP error. Server: <servername>.<mydomain>.<tld>. Error: IMAP Authentication cancelled [pid 11541 on line 281 of "/kolab/var/kolab/www/client/nag/lib/Nag.php"]
Mar 24 13:08:08 HORDE [debug] [nag] Hook _prefs_change_hook_display_tasklists in application horde not called. [pid 11541 on line 1683 of "/kolab/var/kolab/www/client/lib/Horde.php"]
Mar 24 13:08:08 HORDE [debug] [imp] SQL query by Horde_Alarm_sql::_list(): SELECT alarm_id, alarm_uid, alarm_start, alarm_end, alarm_methods, alarm_params, alarm_title, alarm_text, alarm_snooze, alarm_internal FROM horde_alarms WHERE alarm_dismissed = 0 AND ((alarm_snooze IS NULL AND alarm_start <= ?) OR alarm_snooze <= ?) AND (alarm_end IS NULL OR alarm_end >= ?) AND (alarm_uid = ? OR alarm_uid = ?) ORDER BY alarm_start, alarm_end [pid 11541 on line 148 of "/kolab/var/kolab/www/client/lib/Horde/Alarm/sql.php"]
Mar 24 13:08:08 HORDE [debug] [imp] Max memory usage: 18350080 bytes [pid 11541 on line 339 of "/kolab/var/kolab/www/client/lib/Horde/Registry.php"]
/var/log/kolab/client/php-errors.log
[24-Mar-2010 13:10:22] PHP Notice: Unknown: SECURITY PROBLEM: insecure server advertised AUTH=PLAIN (errflg=1) in Unknown on line 0
[24-Mar-2010 13:10:22] PHP Notice: Unknown: IMAP protocol error: Client canceled authentication (errflg=2) in Unknown on line 0
[24-Mar-2010 13:10:22] PHP Notice: Unknown: IMAP Authentication cancelled (errflg=2) in Unknown on line 0
[24-Mar-2010 13:10:22] PHP Notice: Unknown: SECURITY PROBLEM: insecure server advertised AUTH=PLAIN (errflg=1) in Unknown on line 0
[24-Mar-2010 13:10:22] PHP Notice: Unknown: IMAP protocol error: Client canceled authentication (errflg=2) in Unknown on line 0
[24-Mar-2010 13:10:22] PHP Notice: Unknown: IMAP Authentication cancelled (errflg=2) in Unknown on line 0
[24-Mar-2010 13:10:22] PHP Notice: Unknown: SECURITY PROBLEM: insecure server advertised AUTH=PLAIN (errflg=1) in Unknown on line 0
[24-Mar-2010 13:10:22] PHP Notice: Unknown: IMAP protocol error: Client canceled authentication (errflg=2) in Unknown on line 0
[24-Mar-2010 13:10:22] PHP Notice: Unknown: IMAP Authentication cancelled (errflg=2) in Unknown on line 0
More information about the users
mailing list