Unable to log in since auth change

Since the recent auth change I’ve been unable to log in to our LibreNMS installation. My issue is very similar to this one in that I’m using a https://… base_url, but with one key difference; I am not using a reverse proxy. I am running apache with SSL configured, and everything was working prior to the recent auth update.

I can access the login page, but with a “mixed content” warning. Additionally, when entering the username/password Firefox warns that the forms are not being submitted over a secure channel, and even if I ignore this it does not log me in, it just kicks me back to the login screen. The logs show nothing (beyond the normal polling).

validate.php output:

====================================
Component | Version
--------- | -------
LibreNMS  | 1.43-82-gcf31776a6
DB Schema | 267
PHP       | 5.6.37
MySQL     | 5.6.41-log
RRDTool   | 1.7.0
SNMP      | NET-SNMP 5.7.3
====================================

[OK]    Composer Version: 1.7.2
[OK]    Dependencies up-to-date.
[OK]    Database connection successful
[OK]    Database schema correct

Let me know if you need any additional data.

Can you post the mixed content? What are being loaded as http instead of https?

Also, try login with /debug=yes/ in the url (Access https://yourserver/debug=yes/ and the try to login) and check librenms.log

The logo is being delivered over http instead of https (http://…/images/librenms_logo_light.svg).

I’m trying to turn on debugging with /debug=yes/, but I always get http 302 redirects to the usual login page, and nothing in the log.

did you try run ./daily.sh again? Still same issue in a private window?

Running daily.sh manually shows everything is nominal:

Updating to latest codebase                        OK
Updating Composer packages                         OK
Updating SQL-Schema                                OK
Updating submodules                                OK
Cleaning up DB                                     OK
Fetching notifications                             OK
Caching PeeringDB data                             OK

And the issues are the same in a private window.

Really does sound like you’re running a proxy here.

No, I am not. However, even if I were, the resolution for the other guy with a similar issue (which was to set up a cert on his web server) is already in place, so it’s definitely something else causing the problem.

Got the same problem after upgrading to gdf90881 from a month or so old version. I am NOT using a reverse proxy - just a regular Nginx web server with SSL, serving PHP content directly.

The login screen is broken, as the site tries to load objects via HTTP, not HTTPS.

I am using https URL in APP_URL in .env as well as in config[‘base_url’], even tried adding X-Forwarded-Proto “https” header via Nginx - no luck.

The only ‘fix’ I found is to modify app/Providers/AppServiceProvider.php and add:

    $this->app['url']->forceScheme('https');

====================================

Component Version
LibreNMS 1.43-140-gdf90881
DB Schema 268
PHP 7.2.1
MySQL 10.2.12-MariaDB
RRDTool 1.6.0
SNMP NET-SNMP 5.7.2

====================================

[OK] Composer Version: 1.7.2
[OK] Dependencies up-to-date.
[OK] Database connection successful
[OK] Database schema correct

1 Like

I had to do the same thing to get the HTTPS URLs working correctly. What’s the real fix? :-\

I also had to add the line, which I believe should be added to the public function boot() { … }.

The ultimate “fix” will have to come from the developers patching LibreNMS to add this line when your base_url begins with https. Until then, I’ve disabled daily updates within the config.