Author Topic: Session error - Session auth check failed for - Session authentication failed  (Read 19668 times)

Offline myth

  • Newbie
  • *
  • Posts: 9
Hi roundcube community,

I installed my new web-/mailserver under nginx/php 5.3.19 and want to use roundcube, but I am not able to get it work. It seems, that there are problems with the sessions I could not solve by my own. The error messages are:

[14-Jan-2013 08:41:21 +0100]: Session auth check failed for ; timeslot = 2013-01-14 08:41:00
[14-Jan-2013 08:41:21 +0100]: Session authentication failed for ; invalid auth cookie sent; timeslot = 2013-01-14 08:39:00

User login is working fine:

[14-Jan-2013 08:41:21 +0100]: Successful login for xxx@xxx.com (ID: 1) from 217.x.x.x in session 6crhp89j0i1bci3pj8mbep7r61

I searched a lot inside this community forum because some other guys had the same error message, but none of the solutions worked for me. My webserver is using https and so I tried it with and without this following options (true and false):

$rcmail_config['force_https'] = true;
$rcmail_config['use_https'] = true;
$rcmail_config['session_lifetime'] = 0;
$rcmail_config['session_domain'] = '.xxx.com';
$rcmail_config['session_name'] = 'null';
$rcmail_config['session_storage'] = 'db';
$rcmail_config['memcache_hosts'] = null;
$rcmail_config['ip_check'] = false;

The configuration and testing of SMTP and IMAP was fine as well, but I tried a lot of configuration options and none of them worked. If I delete the session_domain and set it to

$rcmail_config['session_domain'] = ''

I'll get another error message as expected:

[14-Jan-2013 08:50:35 +0100]: Aborted session 6crhp89j0i1bci3pj8mbep7r61; no valid session data found

Sessions in general seems to work on the webserver, because the installed wordpress is running without any problems. I don't know what to do and need some help.

Thank you very much!!

Edit: I also tried it on other computers with all common Browsers.

Edit 2: The timezone within the php.ini is "date.timezone = Europe/Berlin" as well as $rcmail_config['timezone'] = 'Europe/Berlin';
« Last Edit: January 14, 2013, 02:59:35 AM by myth »

Offline myth

  • Newbie
  • *
  • Posts: 9
I tried around a lot more, but it seems to be useless. Maybe somebody could tell me if the lines:

[17-Jan-2013 09:13:43 +0100]: Session auth check failed for ; timeslot = 2013-01-17 09:13:00
[17-Jan-2013 09:13:43 +0100]: Session authentication failed for ; invalid auth cookie sent; timeslot = 2013-01-17 09:11:00

are missing something? Because of "...failed for ;" it seems that there should be something other than ";" or something in front of it?

Offline SKaero

  • Administrator
  • Hero Member
  • *****
  • Posts: 5,876
    • SKaero - Custom Roundcube development
Is there any way you could give me ftp access and a test account to take a look at the problem?

Offline myth

  • Newbie
  • *
  • Posts: 9
Yes, shall I send them in forum or by email?

Offline SKaero

  • Administrator
  • Hero Member
  • *****
  • Posts: 5,876
    • SKaero - Custom Roundcube development
You can send them to me by email to scott [at] skaero.com

Offline myth

  • Newbie
  • *
  • Posts: 9
You have mail. :)

Offline myth

  • Newbie
  • *
  • Posts: 9
Skaero told me that the problem might be based on the nginx/php-fpm combination which I have installed on my server.

Do other people also have problems with roundcube and nginx/php-fpm?

Offline SKaero

  • Administrator
  • Hero Member
  • *****
  • Posts: 5,876
    • SKaero - Custom Roundcube development
Sorry for not getting back to the problem, extremely busy right now but I should have time to look at it later this week. I have run RoundCube on Nginx & PHP-FPM before so I know it can be done.

Offline yoni5002

  • Newbie
  • *
  • Posts: 2
Myth,

Try the following configuration... make sure to restart nginx and php-fpm after making the changes:

$rcmail_config['force_https'] = true;
$rcmail_config['use_https'] = false;
$rcmail_config['session_lifetime'] = 10;
$rcmail_config['session_domain'] = '';
$rcmail_config['session_name'] = null;
$rcmail_config['session_storage'] = 'db';
$rcmail_config['memcache_hosts'] = null;
$rcmail_config['ip_check'] = false;


service php-fpm restart
service nginx restart

Offline myth

  • Newbie
  • *
  • Posts: 9
Sorry for not getting back to the problem, extremely busy right now but I should have time to look at it later this week. I have run RoundCube on Nginx & PHP-FPM before so I know it can be done.

I didn't want to hurry you, just want to make sure that maybe there are some others with similar problems. But it doesn't seem so. :)

Myth,

Try the following configuration... make sure to restart nginx and php-fpm after making the changes:

$rcmail_config['force_https'] = true;
$rcmail_config['use_https'] = false;
$rcmail_config['session_lifetime'] = 10;
$rcmail_config['session_domain'] = '';
$rcmail_config['session_name'] = null;
$rcmail_config['session_storage'] = 'db';
$rcmail_config['memcache_hosts'] = null;
$rcmail_config['ip_check'] = false;


service php-fpm restart
service nginx restart

Tried it, but doesn't help either. :(

I use nginx 1.2.6,1 and php 5.3.20, maybe the problem lays inside this versions...

Offline lenada

  • Newbie
  • *
  • Posts: 1
I can confirm that problem with nginx-1.2.7_1,1  and php-fpm (5.4.11)
the session log says
[25-Feb-2013 20:24:04 +0100]: Session auth check failed for ; timeslot = 2013-02-25 20:20:00
[25-Feb-2013 20:24:04 +0100]: Session authentication failed for ; invalid auth cookie sent; timeslot = 2013-02-25 20:10:00

I had an older version of roundcube running with fpm and nginx for quite a while and never ran into these session/timeslot calculation issues.
Think I'll try to have a deeper look into https://github.com/roundcube/roundcubemail/blob/release-0.8/program/include/rcube_session.php#L589-L616

I just tried master and have the same issues there.
« Last Edit: February 25, 2013, 07:18:54 PM by lenada »

Offline myth

  • Newbie
  • *
  • Posts: 9
Any news here? :)

Offline myth

  • Newbie
  • *
  • Posts: 9
Can I help with this problem in any case?

Offline Drakon

  • Jr. Member
  • **
  • Posts: 45
Hi myth,
I have the same problem. I think that I have problems with datetime config on Apache or another service. Do you know I must change exactly?

fenceposterr1r

  • Guest
Sorry to pull this one out of it's grave, but I'd like to know if there is a solution to this issue?
I'll happily provide you with any information you need!

-FencepostErr1r