OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 16.7 Legacy Series »
  • [SOLVED] OPNsense UI login problem
« previous next »
  • Print
Pages: [1]

Author Topic: [SOLVED] OPNsense UI login problem  (Read 16613 times)

phoenix

  • Hero Member
  • *****
  • Posts: 506
  • Karma: 55
    • View Profile
[SOLVED] OPNsense UI login problem
« on: August 03, 2016, 04:43:54 pm »
I'm seeing the following message occasionally when I try to login to the web ui:

Code: [Select]
CSRF check failed. Your form session may have expired, or you may not have cookies enabled.It's only a temporary problem, I can login via the web ui without problem immediately after seeing that message. Is it a browser problem or an OPNsense problem? This did happen on the 16.1.x release but as I don't use the UI very often it didn't really matter, it's just that now I'm trying to find out the cause of a problem it's getting a bit annoying.
« Last Edit: February 02, 2017, 10:05:35 pm by franco »
Logged
Regards


Bill

Aadolf

  • Newbie
  • *
  • Posts: 33
  • Karma: 1
    • View Profile
Re: OPNsense UI login problem
« Reply #1 on: August 08, 2016, 06:08:52 am »
Code: [Select]
CSRF check failed. Your form session may have expired, or you may not have cookies enabled.I saw this message too.
« Last Edit: August 08, 2016, 06:11:11 am by Aadolf »
Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 13689
  • Karma: 1176
    • View Profile
Re: OPNsense UI login problem
« Reply #2 on: August 08, 2016, 07:57:01 am »
This is a security mechanism that got elevated because it was simply too static. That happened some time mid-16.1. I still have work there, hopefully replacing the rest of the old CSRF protection cruft for something simpler and less trigger-happy.

The CSRF token is invalidated on web interface restart, so the login screen doesn't work anymore if left open from the previous boot. Non-reboot firmware updates trigger this too, as well as changing settings under System: Settings: Administration.


Cheers,
Franco
Logged

phoenix

  • Hero Member
  • *****
  • Posts: 506
  • Karma: 55
    • View Profile
Re: OPNsense UI login problem
« Reply #3 on: August 08, 2016, 08:10:48 am »
Hi Franco

Thanks for the reply and the explanation. :) As I mentioned it's not really a great problem but at the time I posted I had to keep checking the UI and this was happening every other time I opened it. Anyway, since I posted this question this message has, naturally, stopped appearing. As long as it's nothing serious which was all I was bothered about. Thanks again and have a good day.
Logged
Regards


Bill

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 13689
  • Karma: 1176
    • View Profile
Re: OPNsense UI login problem
« Reply #4 on: August 08, 2016, 07:40:19 pm »
Hi Bill,

It's weird, did you guys do a lot of maintenance back when this happened? So we seem to have a windows of when this was ok before and after, pointing to a local issue?

Nevertheless, I shall vow to clean this up. :)


Cheers,
Franco
Logged

phoenix

  • Hero Member
  • *****
  • Posts: 506
  • Karma: 55
    • View Profile
Re: OPNsense UI login problem
« Reply #5 on: August 08, 2016, 08:17:42 pm »
Hi France

It's difficult to say exactly when this started, I have a recollection that it was about four months ago. As I mentioned I didn't use the UI much as everything was running fine and this problem only rarely occurred. After the upgrade to 16.7 I was testing some firewall rule changes and that involved opening the web UI frequently (I normally logged out or rebooted after the changes) After about every fourth login I saw the error message in my first post. I've since resolved my little investigation and changes so I've been using the UI less and the message hasn't appeared since I reported it - I don't know if that helps much.
Logged
Regards


Bill

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 13689
  • Karma: 1176
    • View Profile
Re: OPNsense UI login problem
« Reply #6 on: February 02, 2017, 10:05:24 pm »
Took a while, but now with 17.1.1 we're switching to a token per session, so unless your session is expired or the box is rebooted it will work: https://github.com/opnsense/core/commit/f20640d0b69113
Logged

phoenix

  • Hero Member
  • *****
  • Posts: 506
  • Karma: 55
    • View Profile
Re: [SOLVED] OPNsense UI login problem
« Reply #7 on: February 03, 2017, 02:22:48 pm »
Hi Franco

This has only happened once on 17.1 so it's no big problem for me, thanks for the update. :)
Logged
Regards


Bill

  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 16.7 Legacy Series »
  • [SOLVED] OPNsense UI login problem
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy
    | XHTML | RSS | WAP2