Oliver Werner
2016-03-07 11:28:13 UTC
Hi,
i canât Login with my User (used LDAP)
i got an 403 error.
so now i have used tcpflow to check out more:
127.000.000.001.58766-127.000.000.001.20000: POST /SOGo/connect HTTP/1.1
Host: sogo.kontrast.de
Accept: application/json, text/plain, */*
Origin: https://sogo.kontrast.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.116 Safari/537.36
Content-Type: application/json;charset=UTF-8
Referer: https://sogo.kontrast.de/SOGo/
Accept-Encoding: gzip, deflate
Accept-Language: de-DE,de;q=0.8,en-US;q=0.6,en;q=0.4
Cookie: _ga=GA1.2.11741527.1455375291
x-webobjects-server-port: 443
x-webobjects-server-protocol: HTTP/1.0
X-Forwarded-For: 192.168.49.7
X-Forwarded-Host: sogo.kontrast.de
X-Forwarded-Server: sogo.kontrast.de
Connection: close
127.000.000.001.58766-127.000.000.001.20000: Content-Length: 58
{"userNameâ:"user","passwordâ:"pass","rememberLogin":0}
127.000.000.001.20000-127.000.000.001.58766: HTTP/1.1 403 Forbidden
127.000.000.001.20000-127.000.000.001.58766: Content-Length: 34
Content-Type: application/json
127.000.000.001.20000-127.000.000.001.58766: set-cookie:
127.000.000.001.20000-127.000.000.001.58766: SOGoLogin=; expires=Sun, 06-Mar-2016 11:23:13 UTC; path=/SOGo/
127.000.000.001.20000-127.000.000.001.58766:
127.000.000.001.20000-127.000.000.001.58766: {"LDAPPasswordPolicyError": 65535}
My Apache-Config looks
<VirtualHost 192.168.0.5:443>
ServerName sogo.kontrast.de
Alias /SOGo.woa/WebServerResources/ \
/usr/lib/GNUstep/SOGo/WebServerResources/
Alias /SOGo/WebServerResources/ \
/usr/lib/GNUstep/SOGo/WebServerResources/
<Directory /usr/lib/GNUstep/SOGo/>
AllowOverride All
<IfVersion < 2.4>
Order deny,allow
Allow from all
</IfVersion>
<IfVersion >= 2.4>
Require all granted
</IfVersion>
# Explicitly allow caching of static content to avoid browser specific behavior.
# A resource's URL MUST change in order to have the client load the new version.
<IfModule expires_module>
ExpiresActive On
ExpiresDefault "access plus 1 year"
</IfModule>
</Directory>
ProxyRequests Off
SetEnv proxy-nokeepalive 1
ProxyPreserveHost On
ProxyPass /SOGo http://localhost:20000/SOGo retry=0
<Proxy http://localhost:20000/SOGo>
RequestHeader set "x-webobjects-server-port" "443"
RequestHeader set "x-webobjects-server-name" "sogo.kontrast.de"
#RequestHeader set "x-webobjects-server-url" "https://sogo.kontrast.de/SOGo"
RequestHeader unset "x-webobjects-remote-user"
RequestHeader set "x-webobjects-server-protocol" "HTTP/1.0"
AddDefaultCharset UTF-8
Order deny,allow
Allow from all
</Proxy>
<IfModule rewrite_module>
RewriteEngine On
RewriteRule ^/.well-known/caldav/?$ /SOGo/dav [R=301]
RewriteRule ^/.well-known/carddav/?$ /SOGo/dav [R=301]
</IfModule>
CustomLog /var/log/apache2/sogo.kontrast.de-access.log combined
ErrorLog /var/log/apache2/sogo.kontrast.de-error.log
SSLEngine on
SSLCertificateFile /etc/ssl/kontrast/wildcard.kontrast.de/wildcard.kontrast.de.crt
SSLCertificateKeyFile /etc/ssl/kontrast/wildcard.kontrast.de/wildcard.kontrast.de.key
SSLCertificateChainFile /etc/ssl/kontrast/wildcard.kontrast.de/ca.crt
</VirtualHost>
Now anyone knows about it or can help me?
Regards
OLIVER WERNER
System-Administrator
Kontrast Communication Services GmbH
Grafenberger Allee 100, 40237 DÃŒsseldorf, Germany
Fon +49-211-91505-500
Fax +49-211-91505-530
www.kontrast.de <http://www.kontrast.de/>
Amtsgericht DÃŒsseldorf: HRB 26934
GeschÀftsfÌhrer: Joachim Fischer, Anja Grote-Lutter, Leontine van der Vlist
<https://www.facebook.com/kontrast.communication> <https://twitter.com/KONTRAST_de> <http://www.xing.com/companies/kontrastcommunicationservicesgmbh> <http://www.linkedin.com/company/kontrast-communication-services-gmbh> <https://vimeo.com/kontrastcs> <http://instagram.com/kontrast_de>
Note: The information contained in this message may be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer.
Please consider the environment and only print this if required.
i canât Login with my User (used LDAP)
i got an 403 error.
so now i have used tcpflow to check out more:
127.000.000.001.58766-127.000.000.001.20000: POST /SOGo/connect HTTP/1.1
Host: sogo.kontrast.de
Accept: application/json, text/plain, */*
Origin: https://sogo.kontrast.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.116 Safari/537.36
Content-Type: application/json;charset=UTF-8
Referer: https://sogo.kontrast.de/SOGo/
Accept-Encoding: gzip, deflate
Accept-Language: de-DE,de;q=0.8,en-US;q=0.6,en;q=0.4
Cookie: _ga=GA1.2.11741527.1455375291
x-webobjects-server-port: 443
x-webobjects-server-protocol: HTTP/1.0
X-Forwarded-For: 192.168.49.7
X-Forwarded-Host: sogo.kontrast.de
X-Forwarded-Server: sogo.kontrast.de
Connection: close
127.000.000.001.58766-127.000.000.001.20000: Content-Length: 58
{"userNameâ:"user","passwordâ:"pass","rememberLogin":0}
127.000.000.001.20000-127.000.000.001.58766: HTTP/1.1 403 Forbidden
127.000.000.001.20000-127.000.000.001.58766: Content-Length: 34
Content-Type: application/json
127.000.000.001.20000-127.000.000.001.58766: set-cookie:
127.000.000.001.20000-127.000.000.001.58766: SOGoLogin=; expires=Sun, 06-Mar-2016 11:23:13 UTC; path=/SOGo/
127.000.000.001.20000-127.000.000.001.58766:
127.000.000.001.20000-127.000.000.001.58766: {"LDAPPasswordPolicyError": 65535}
My Apache-Config looks
<VirtualHost 192.168.0.5:443>
ServerName sogo.kontrast.de
Alias /SOGo.woa/WebServerResources/ \
/usr/lib/GNUstep/SOGo/WebServerResources/
Alias /SOGo/WebServerResources/ \
/usr/lib/GNUstep/SOGo/WebServerResources/
<Directory /usr/lib/GNUstep/SOGo/>
AllowOverride All
<IfVersion < 2.4>
Order deny,allow
Allow from all
</IfVersion>
<IfVersion >= 2.4>
Require all granted
</IfVersion>
# Explicitly allow caching of static content to avoid browser specific behavior.
# A resource's URL MUST change in order to have the client load the new version.
<IfModule expires_module>
ExpiresActive On
ExpiresDefault "access plus 1 year"
</IfModule>
</Directory>
ProxyRequests Off
SetEnv proxy-nokeepalive 1
ProxyPreserveHost On
ProxyPass /SOGo http://localhost:20000/SOGo retry=0
<Proxy http://localhost:20000/SOGo>
RequestHeader set "x-webobjects-server-port" "443"
RequestHeader set "x-webobjects-server-name" "sogo.kontrast.de"
#RequestHeader set "x-webobjects-server-url" "https://sogo.kontrast.de/SOGo"
RequestHeader unset "x-webobjects-remote-user"
RequestHeader set "x-webobjects-server-protocol" "HTTP/1.0"
AddDefaultCharset UTF-8
Order deny,allow
Allow from all
</Proxy>
<IfModule rewrite_module>
RewriteEngine On
RewriteRule ^/.well-known/caldav/?$ /SOGo/dav [R=301]
RewriteRule ^/.well-known/carddav/?$ /SOGo/dav [R=301]
</IfModule>
CustomLog /var/log/apache2/sogo.kontrast.de-access.log combined
ErrorLog /var/log/apache2/sogo.kontrast.de-error.log
SSLEngine on
SSLCertificateFile /etc/ssl/kontrast/wildcard.kontrast.de/wildcard.kontrast.de.crt
SSLCertificateKeyFile /etc/ssl/kontrast/wildcard.kontrast.de/wildcard.kontrast.de.key
SSLCertificateChainFile /etc/ssl/kontrast/wildcard.kontrast.de/ca.crt
</VirtualHost>
Now anyone knows about it or can help me?
Regards
OLIVER WERNER
System-Administrator
Kontrast Communication Services GmbH
Grafenberger Allee 100, 40237 DÃŒsseldorf, Germany
Fon +49-211-91505-500
Fax +49-211-91505-530
www.kontrast.de <http://www.kontrast.de/>
Amtsgericht DÃŒsseldorf: HRB 26934
GeschÀftsfÌhrer: Joachim Fischer, Anja Grote-Lutter, Leontine van der Vlist
<https://www.facebook.com/kontrast.communication> <https://twitter.com/KONTRAST_de> <http://www.xing.com/companies/kontrastcommunicationservicesgmbh> <http://www.linkedin.com/company/kontrast-communication-services-gmbh> <https://vimeo.com/kontrastcs> <http://instagram.com/kontrast_de>
Note: The information contained in this message may be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer.
Please consider the environment and only print this if required.