Hi Striker,
the output of error_log when trying to login is:
[Wed May 22 22:43:50.791861 2019] [wsgi:error] [pid 21731:tid 2937889584] [remote 192.168.1.22:43548] ipa: DEBUG: Starting new HTTP connection (1): ipa3.roth.net:80
[Wed May 22 22:43:50.807169 2019] [wsgi:error] [pid 21731:tid 2937889584] [remote 192.168.1.22:43548] ipa: DEBUG: http://ipa3.roth.net:80 "GET /ipa/session/cookie HTTP/1.1" 301 250
[Wed May 22 22:43:50.835158 2019] [wsgi:error] [pid 21731:tid 2937889584] [remote 192.168.1.22:43548] ipa: DEBUG: Starting new HTTPS connection (1): ipa3.roth.net:443
[Wed May 22 22:43:50.959893 2019] [wsgi:error] [pid 21731:tid 2937889584] [remote 192.168.178.:43548] ipa: DEBUG: https://ipa3.roth.net:443 "GET /ipa/session/cookie HTTP/1.1" 200 0
[Wed May 22 22:43:51.040332 2019] [wsgi:error] [pid 21730:tid 2937889584] [remote 192.168.1.22:43548] ipa: DEBUG: WSGI wsgi_dispatch.__call__:
[Wed May 22 22:43:51.042095 2019] [wsgi:error] [pid 21730:tid 2937889584] [remote 192.168.1.22:43548] ipa: DEBUG: WSGI jsonserver_session.__call__:
[Wed May 22 22:43:51.043798 2019] [wsgi:error] [pid 21730:tid 2937889584] [remote 192.168.1.22:43548] ipa: DEBUG: no ccache, need login
[Wed May 22 22:43:51.046018 2019] [wsgi:error] [pid 21730:tid 2937889584] [remote 192.168.1.22:43548] ipa: DEBUG: 401 Unauthorized need login
[Wed May 22 22:43:51.086133 2019] [wsgi:error] [pid 21731:tid 2937889584] [remote 192.168.1.22:43548] ipa: DEBUG: WSGI wsgi_dispatch.__call__:
[Wed May 22 22:43:51.088151 2019] [wsgi:error] [pid 21731:tid 2937889584] [remote 192.168.1.22:43548] ipa: DEBUG: WSGI KerberosLogin.__call__:
[Wed May 22 22:43:51.089993 2019] [wsgi:error] [pid 21731:tid 2937889584] [remote 192.168.1.22:43548] ipa: DEBUG: no ccache, need login
[Wed May 22 22:43:51.092056 2019] [wsgi:error] [pid 21731:tid 2937889584] [remote 192.168.1.22:43548] ipa: DEBUG: 401 Unauthorized need login
Markus Roth
Striker Leggette <striker@terranforge.com> hat am 22. Mai 2019 um 22:12 geschrieben:
Hi,
Create the file /etc/ipa/server.conf if it is not made:
# touch /etc/ipa/server.conf
Then, edit it so that it has debugging:
[global]
debug=True
Then, restart Apache:
# systemctl restart httpd
After, reproduce the login failure. Once that is done, check the output of /var/log/httpd/ access_log and error_log.
Striker
On 05/22/2019 03:53 PM, Markus Roth via FreeIPA-users wrote:Hello all,
I installed a freeipa server (ipa1) and two replicas (ipa2, ipa3).
When I login at the Web-UI on ipa3 I get the message "Your session has expired. Please log in again." I checked the time on ipa3 and the client. It is the same time. Login on the other ipa servers is possible.
Has anybody a hint to solve this problem?
Markus Roth
_______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org