Session error - Session auth check failed for - Session authentication failed

[myth]

Hi roundcube community,

I installed my new web-/mailserver under nginx/php 5.3.19 and want to use roundcube, but I am not able to get it work. It seems, that there are problems with the sessions I could not solve by my own. The error messages are:

[14-Jan-2013 08:41:21 +0100]: Session auth check failed for ; timeslot = 2013-01-14 08:41:00
[14-Jan-2013 08:41:21 +0100]: Session authentication failed for ; invalid auth cookie sent; timeslot = 2013-01-14 08:39:00

User login is working fine:

[14-Jan-2013 08:41:21 +0100]: Successful login for [email protected] (ID: 1) from 217.x.x.x in session 6crhp89j0i1bci3pj8mbep7r61

I searched a lot inside this community forum because some other guys had the same error message, but none of the solutions worked for me. My webserver is using https and so I tried it with and without this following options (true and false):

$rcmail_config['force_https'] = true;
$rcmail_config['use_https'] = true;
$rcmail_config['session_lifetime'] = 0;
$rcmail_config['session_domain'] = '.xxx.com';
$rcmail_config['session_name'] = 'null';
$rcmail_config['session_storage'] = 'db';
$rcmail_config['memcache_hosts'] = null;
$rcmail_config['ip_check'] = false;

The configuration and testing of SMTP and IMAP was fine as well, but I tried a lot of configuration options and none of them worked. If I delete the session_domain and set it to

$rcmail_config['session_domain'] = ''

I'll get another error message as expected:

[14-Jan-2013 08:50:35 +0100]: Aborted session 6crhp89j0i1bci3pj8mbep7r61; no valid session data found

Sessions in general seems to work on the webserver, because the installed wordpress is running without any problems. I don't know what to do and need some help.

Thank you very much!!

Edit: I also tried it on other computers with all common Browsers.

Edit 2: The timezone within the php.ini is "date.timezone = Europe/Berlin" as well as $rcmail_config['timezone'] = 'Europe/Berlin';

[myth]

I tried around a lot more, but it seems to be useless. Maybe somebody could tell me if the lines:

[17-Jan-2013 09:13:43 +0100]: Session auth check failed for ; timeslot = 2013-01-17 09:13:00
[17-Jan-2013 09:13:43 +0100]: Session authentication failed for ; invalid auth cookie sent; timeslot = 2013-01-17 09:11:00

are missing something? Because of "...failed for ;" it seems that there should be something other than ";" or something in front of it?

[SKaero]

Is there any way you could give me ftp access and a test account to take a look at the problem?

[myth]

Yes, shall I send them in forum or by email?

[SKaero]

You can send them to me by email to scott [at] skaero.com

[myth]

You have mail.

[myth]

Skaero told me that the problem might be based on the nginx/php-fpm combination which I have installed on my server.

Do other people also have problems with roundcube and nginx/php-fpm?

[SKaero]

Sorry for not getting back to the problem, extremely busy right now but I should have time to look at it later this week. I have run RoundCube on Nginx & PHP-FPM before so I know it can be done.

[yoni5002]

Myth,

Try the following configuration... make sure to restart nginx and php-fpm after making the changes:

$rcmail_config['force_https'] = true;
$rcmail_config['use_https'] = false;
$rcmail_config['session_lifetime'] = 10;
$rcmail_config['session_domain'] = '';
$rcmail_config['session_name'] = null;
$rcmail_config['session_storage'] = 'db';
$rcmail_config['memcache_hosts'] = null;
$rcmail_config['ip_check'] = false;


service php-fpm restart
service nginx restart

[myth]

Sorry for not getting back to the problem, extremely busy right now but I should have time to look at it later this week. I have run RoundCube on Nginx & PHP-FPM before so I know it can be done.

I didn't want to hurry you, just want to make sure that maybe there are some others with similar problems. But it doesn't seem so.

Myth,

Try the following configuration... make sure to restart nginx and php-fpm after making the changes:

$rcmail_config['force_https'] = true;
$rcmail_config['use_https'] = false;
$rcmail_config['session_lifetime'] = 10;
$rcmail_config['session_domain'] = '';
$rcmail_config['session_name'] = null;
$rcmail_config['session_storage'] = 'db';
$rcmail_config['memcache_hosts'] = null;
$rcmail_config['ip_check'] = false;


service php-fpm restart
service nginx restart

Tried it, but doesn't help either.

I use nginx 1.2.6,1 and php 5.3.20, maybe the problem lays inside this versions...

[lenada]

I can confirm that problem with nginx-1.2.7_1,1  and php-fpm (5.4.11)
the session log says
[25-Feb-2013 20:24:04 +0100]: Session auth check failed for ; timeslot = 2013-02-25 20:20:00
[25-Feb-2013 20:24:04 +0100]: Session authentication failed for ; invalid auth cookie sent; timeslot = 2013-02-25 20:10:00

I had an older version of roundcube running with fpm and nginx for quite a while and never ran into these session/timeslot calculation issues.
Think I'll try to have a deeper look into https://github.com/roundcube/roundcubemail/blob/release-0.8/program/include/rcube_session.php#L589-L616

I just tried master and have the same issues there.

[myth]

Any news here?

[myth]

Can I help with this problem in any case?

[Drakon]

Hi myth,
I have the same problem. I think that I have problems with datetime config on Apache or another service. Do you know I must change exactly?

[fenceposterr1r]

Sorry to pull this one out of it's grave, but I'd like to know if there is a solution to this issue?
I'll happily provide you with any information you need!

-FencepostErr1r