search

SEPIA-Framework / sepia-docs

Documentation and Wiki for SEPIA. Please post your questions and bug-reports here in the issues section! Thank you :-)
https://sepia-framework.github.io/
238 stars 16 forks source link

New user creation failing #201

Open RobSteward opened 2 years ago

RobSteward commented 2 years ago

I'm receiving a 

{
  "result": "fail",
  "error": "Not allowed to access service from outside the private network!"
}

Error when trying to create a new user after initial install. I'm on a desktop machine using Firefox Developer 103.0b8 (64-bit). I'm on a LAN network connection and have disabled ETP trying to access http://XXX.local:20721/tools/index.html#!user-management.

I'm successfully logged in with my admin that I created and the server is showing okay for all systems. What am I missing?

fquirin commented 2 years ago

Hi @RobSteward ,

this usually happens when you try to change a setting with higher security protection and the server does not recognize your origin as being inside a private network. I wonder why its happening though. Do you see any message in the SEPIA/sepia-assist-server/log.out log file?

You can disable this security feature by setting allow_global_dev_requests=true in your SEPIA/sepia-assist-server/Xtensions/assist.custom.properties if you can't use the Control-HUB to do it.

RobSteward commented 2 years ago

Only this section:

2022-07-14 10:47:47 [Thread-20] INFO SepiaSocketClient - WEBSOCKET-CLIENT: Authenticating user: 'uid1005'
2022-07-14 10:48:41 LOG - JSON-Backup-worker: START
2022-07-14 10:48:41 LOG - JSON-Backup-worker: Data has been stored! (1 time(s)) It took (ms): 16, average (ms): 10000
2022-07-14 10:48:53 ERROR - Unauthorized access attempt to server config! Host: {{MyComputerName}}.local:20721
2022-07-14 11:00:51 [WebSocketClient@219259066-36] ERROR SepiaSocketClient - WEBSOCKET-CLIENT: Socket ERROR: null

Whole log file:

Running SEPIA Assist (sepia-assist-v2.6.2.jar) - Date: 2022_07_14_104740 
2022-07-14 10:47:40 LOG - Security policy and manager set.
2022-07-14 10:47:40 LOG - Security sandbox loaded with 6 entries.
2022-07-14 10:47:40 LOG - JAVA_HOME: C:\Program Files\Eclipse Adoptium\jdk-11.0.15.10-hotspot
2022-07-14 10:47:40 LOG - loading settings from Xtensions/assist.custom.properties... done.
2022-07-14 10:47:40 LOG - --- Running SEPIA-Assist-API with CUSTOM settings ---
2022-07-14 10:47:40 [main] INFO StaticFilesConfiguration - External StaticResourceHandler configured with folder = Xtensions/WebContent
2022-07-14 10:47:40 LOG - Web-server is active and uses folder: Xtensions/WebContent - CORS (files): *
2022-07-14 10:47:40 LOG - Web-server MIME type overwrite: mp4=video/mp4
2022-07-14 10:47:40 LOG - Web-server MIME type overwrite: mp3=audio/mpeg
2022-07-14 10:47:40 LOG - Elasticsearch: found 14 of 14 mapped indices. All good.
2022-07-14 10:47:40 LOG - Finished loading answers module in 136 ms.
2022-07-14 10:47:40 LOG - Finished loading 157(146) predefined commands in 59 ms.
2022-07-14 10:47:40 LOG - Finished loading 794(749) predefined chats in 71 ms.
2022-07-14 10:47:40 LOG - Loaded NLU interpretation-chain with 7 steps: [getPersonalCommand, getFixCommandsExactMatch, getChatSmallTalkMatch, getPublicDbSentenceMatch, getKeywordAnalyzerResult, tryPersonalCommandAsFallback, tryChatSmallTalkAsFallback]
2022-07-14 10:47:40 LOG - Running TTS module setup ...
2022-07-14 10:47:41 ERROR - TTS module - Espeak engine not found. Support has been deactivated for now.
2022-07-14 10:47:41 LOG - TTS module - Pico engine is not support on Windows and has been deactivated.
2022-07-14 10:47:41 ERROR - TTS module - MaryTTS server (http://127.0.0.1:59125) did not answer or had no voices installed. Support has been deactivated for now.
2022-07-14 10:47:41 LOG - TTS module setup has cleaned up '0' leftover files.
2022-07-14 10:47:41 LOG - TTS module setup successful.
2022-07-14 10:47:41 LOG - Services:News - Loaded 54 outlets with groups for 2 languages from: Xtensions/ServiceProperties/news-outlets.json
2022-07-14 10:47:41 LOG - RssFeedReader - backup restored with 51 feeds. Last modified: 2022.07.13_23:20:12
2022-07-14 10:47:41 LOG - Active workers: 2
2022-07-14 10:47:41 LOG - loading webSocket settings from Xtensions/assist.custom.properties... done.
2022-07-14 10:47:41 LOG - finished loading services mapping for 34 interview modules.
2022-07-14 10:47:41 LOG - Testing services for supported commands...
2022-07-14 10:47:41 LOG - 34 services for 34 commands: All valid!
2022-07-14 10:47:41 LOG - Testing parameters handlers...
2022-07-14 10:47:41 LOG - Parameters:RadioStation - Loaded 92 station arrays with 13 playlists and 7 collections from: Xtensions/ServiceProperties/radio-stations.json
2022-07-14 10:47:41 LOG - ParameterTools - Method 'SmartDevice#deviceNamesScan' has ID: 1
2022-07-14 10:47:41 LOG - 60 parameters: All valid!
2022-07-14 10:47:41 LOG - Server token validated
2022-07-14 10:47:41 LOG - Assistant token validated
2022-07-14 10:47:41 LOG - Added 'admin' and 'assistant' to protected accounts list.
2022-07-14 10:47:41 LOG - Starting Assistant-API server v2.6.2 (custom)
2022-07-14 10:47:41 LOG - date: 14.07.2022 - 08:47:41 - GMT
2022-07-14 10:47:41 LOG - server running on port 20721
2022-07-14 10:47:41 [Thread-3] INFO log - Logging initialized @1294ms to org.eclipse.jetty.util.log.Slf4jLog
2022-07-14 10:47:41 [Thread-3] INFO EmbeddedJettyServer - == Spark has ignited ...
2022-07-14 10:47:41 [Thread-3] INFO EmbeddedJettyServer - >> Listening on 0.0.0.0:20721
2022-07-14 10:47:41 [Thread-3] INFO Server - jetty-9.4.31.v20200723; built: 2020-07-23T17:57:36.812Z; git: 450ba27947e13e66baa8cd1ce7e85a4461cacc1d; jvm 11.0.15+10
2022-07-14 10:47:41 [Thread-3] INFO session - DefaultSessionIdManager workerName=node0
2022-07-14 10:47:41 [Thread-3] INFO session - No SessionScavenger set, using defaults
2022-07-14 10:47:41 [Thread-3] INFO session - node0 Scavenging every 600000ms
2022-07-14 10:47:41 [Thread-3] INFO AbstractConnector - Started ServerConnector@5698dd3a{HTTP/1.1, (http/1.1)}{0.0.0.0:20721}
2022-07-14 10:47:41 [Thread-3] INFO Server - Started @1591ms
2022-07-14 10:47:46 LOG - Clients: Checking connection to socket messenger...
2022-07-14 10:47:46 LOG - Clients: Socket messenger found.
2022-07-14 10:47:46 [Thread-2] INFO SocketClientHandler - WEBSOCKET-CLIENT - Connecting to: ws://localhost:20723/messages/
2022-07-14 10:47:47 [WebSocketClient@219259066-36] INFO SepiaSocketClient - WEBSOCKET-CLIENT: Got connection
2022-07-14 10:47:47 [Thread-20] INFO SepiaSocketClient - WEBSOCKET-CLIENT: Authenticating user: 'uid1005'
2022-07-14 10:48:41 LOG - JSON-Backup-worker: START
2022-07-14 10:48:41 LOG - JSON-Backup-worker: Data has been stored! (1 time(s)) It took (ms): 16, average (ms): 10000
2022-07-14 10:48:53 ERROR - Unauthorized access attempt to server config! Host: {{MyComputerName}}.local:20721
2022-07-14 11:00:51 [WebSocketClient@219259066-36] ERROR SepiaSocketClient - WEBSOCKET-CLIENT: Socket ERROR: null
2022-07-14 11:00:51 ERROR - TRACE: org.eclipse.jetty.io.ChannelEndPoint.flush(ChannelEndPoint.java:279)
2022-07-14 11:00:51 ERROR - TRACE: org.eclipse.jetty.io.WriteFlusher.flush(WriteFlusher.java:422)
2022-07-14 11:00:51 ERROR - TRACE: org.eclipse.jetty.io.WriteFlusher.write(WriteFlusher.java:277)
2022-07-14 11:00:51 ERROR - TRACE: org.eclipse.jetty.io.AbstractEndPoint.write(AbstractEndPoint.java:381)
2022-07-14 11:00:51 ERROR - TRACE: org.eclipse.jetty.websocket.common.io.FrameFlusher.flush(FrameFlusher.java:264)
WEBSOCKET-CLIENT: Connection closed - last action: 768897 - reason: 1006 - EofException
^C

I'd rather not allow change security rules - they are normally put in place for a good reason. Given that I'm (currently) running the server directly on the machine that I'm using the browser on I would not think this should be something that I need to disable. The null error seems sketchy to me.. Anything you see that I can further investigate?

RobSteward commented 2 years ago

So, I updated the property, created the user and locked it again. That worked. Facing the next hurdle now with the server not being detected in my Android app, but I'll go through the tutorials some other day to see what I could be doing wrong :)

Can be closed, if you don't have an answer to the original issue.

fquirin commented 2 years ago

I'd rather not allow change security rules - they are normally put in place for a good reason

True :-)

Given that I'm (currently) running the server directly on the machine that I'm using the browser on I would not think this should be something that I need to disable

In this case you should be able to use http://localhost:20721/tools/index.html successfully.

The null error seems sketchy to me

This has given me some headache for a while now but it is only related to an unexpected close of the connection, maybe due to server shutdown or something. It should not be relevant here.

Unauthorized access attempt to server config! Host: {{MyComputerName}}.local:20721

Did you replace the hostname here or is that real? 😅. Anyway I think there is actually a bug in the hostname check that doesn't recognize hostname.local:PORT as private network but only localhost:PORT or hostname.local (w/o port) 🤔 . I will test this again. Btw the IP should work as well.

... That worked. Facing the next hurdle now with the server not being detected in my Android app

What did you use as hostname in your Android app? Did you try using just the bare IP address (no ports, no paths)?

RobSteward commented 2 years ago

Did you replace the hostname here or is that real? 😅.

Yes :D

Btw the IP should work as well. | Did you try using just the bare IP address (no ports, no paths)?

Will try that! In a web browser (on the mobile) it works. Just not through the native Android app

RobSteward commented 2 years ago

Pure IP works in the app. I'm guessing it's down to

Anyway I think there is actually a bug in the hostname check that doesn't recognize hostname.local:PORT as private network but only localhost:PORT or hostname.local (w/o port) 🤔