Closed kecksk0enig closed 6 years ago
It is hard to tell -- I do not have a setup like that to test against at the moment. I expect a 401 on the very first request (because I do not use preemptive authentication with Transmission), but not on successive calls. I use the Apache HttpClient to connect, which should remember to send the credentials directly after a first time it identified authentication is required.
Hi there, just to let you know I'm getting the same error using Deluge 1.3.x behind lighttpd as a SSL proxy.
I can see in the Trandroid log lines such as :
6917 -- Sat May 31 03:38:31 GMT+02:00 2014 -- 3 -- Deluge daemon: Error: AuthenticationFailure exception: Password error? Server time difference? No (valid) cookie in response and JSON was: <?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>404 - Not Found</title>
</head>
<body>
<h1>404 - Not Found</h1>
</body>
</html>
The Deluge web interface is working, that I can confirm. The webif is running without SSL and Lighttpd is proxying and adding SSL. I've added the SHA1 print for the self-signed certificate in Transdroid too.
I'd be happy to help figure a way to debug this :)
And thanks for Transdroid, it's been a lot of fun to use!
One more vote for this issue. I have transmission behind nginx as a proxy, and I see that each request Transdroid sends without auth data, gets 401 and then retries.
Have you enabled SNI on nginx/lighttpd? I had a similar issue with haproxy to begin with, however making sure haproxy uses SNI for identification solved it for me.
I changed:
frontend public
bind *:443 ssl crt /etc/.......
reqadd X-Forwarded-Proto:\ https
redirect scheme https code 301 if !{ ssl_fc }
# 16000000 seconds: a bit more than 6 months
http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload;
acl deluge01 hdr(host) -i deluge01.myhost.com
use_backend deluge01_server if deluge01
to:
frontend public
bind *:443 ssl crt /etc/.......
reqadd X-Forwarded-Proto:\ https
redirect scheme https code 301 if !{ ssl_fc }
# 16000000 seconds: a bit more than 6 months
http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload;
use_backend deluge01_server if { ssl_fc_sni deluge01.myhost.com }```
Not sure if this may be the same issue you are experiencing...
I have the same problem now with Caddy, except I can't connect at all. It always gives me a 401, it doesn't send the auth header at all.
Hi, same problem with nginx and transmission-cli.
I do not have this problem with other clients but they are less sexy.
Tested with authentication requested by nginx or transmission-cli and the problem is the same.
Exemple output from my access.log nginx :
XX.XX.XX.XX - - [03/May/2017:01:36:00 +0200] "POST /transmission/rpc HTTP/1.1" 401 188 "-" "Transdroid Torrent Connect"
XX.XX.XX.XX - mylogin [03/May/2017:01:36:00 +0200] "POST /transmission/rpc HTTP/1.1" 200 10711 "-" "Transdroid Torrent Connect"
XX.XX.XX.XX - - [03/May/2017:01:36:00 +0200] "POST /transmission/rpc HTTP/1.1" 401 188 "-" "Transdroid Torrent Connect"
XX.XX.XX.XX - mylogin [03/May/2017:01:36:00 +0200] "POST /transmission/rpc HTTP/1.1" 200 1585 "-" "Transdroid Torrent Connect"
XX.XX.XX.XX - - [03/May/2017:01:36:03 +0200] "POST /transmission/rpc HTTP/1.1" 401 188 "-" "Transdroid Torrent Connect"
XX.XX.XX.XX - mylogin [03/May/2017:01:36:03 +0200] "POST /transmission/rpc HTTP/1.1" 200 1585 "-" "Transdroid Torrent Connect"
XX.XX.XX.XX - - [03/May/2017:01:36:03 +0200] "POST /transmission/rpc HTTP/1.1" 401 188 "-" "Transdroid Torrent Connect"
XX.XX.XX.XX - mylogin [03/May/2017:01:36:03 +0200] "POST /transmission/rpc HTTP/1.1" 200 1585 "-" "Transdroid Torrent Connect"
XX.XX.XX.XX - - [03/May/2017:01:36:03 +0200] "POST /transmission/rpc HTTP/1.1" 401 188 "-" "Transdroid Torrent Connect"
I usually use the https but I prefer to simplify the configuration of the file to better understand the problem :
server {
listen 80;
server_name my.url.net;
auth_basic "Restricted";
auth_basic_user_file /path/to/my/file;
location / {
return 301 https://$server_name/transmission/web/;
}
location ^~ /transmission {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header Connection "";
proxy_pass_header X-Transmission-Session-Id;
proxy_pass http://XX.XX.XX.XX:9091/transmission;
}
}
Exactly same problem as the OP here... Any news on this ?
(Thanks for this wonderful app btw)
Bye ! 👋
I am looking into preemptive authorization (like than with the old Vuze adapter).
Perfect ! Keep us posted, I'd be personally glad to test some things if needed :ok_hand:
@HorlogeSkynet Could you try to install https://github.com/erickok/transdroid/releases/download/v2.5.10-dev/transdroid-2.5.10-dev.apk and test your connection?
Yes, let me finish something, and I'll set up the reverse proxy again :crossed_fingers:
Oh god, it just works like a charm :ok_hand: :tada: :bowing_man:
I've got some 403
still randomly thrown by Apache, but maybe it's only my configuration... I'll try to debug this
EDIT : It looks like this message appears when Apache throws 403 :
client denied by server configuration: proxy:http://localhost:9091/transmission/rpc
But I don't see what can cause this, and why it's not the case for each query...
EDIT 2 : Working configuration posted here !
Excellent! I'll merge and let's hope we did not break any other people's auth (like digest auth)... 😬
:rofl:
I hope too :crossed_fingers:
If I manage to fix my issue, I'll post the solution here (it looks like an issue when reverse proxy-ing with Apache 2.4 ...)
Bye, thanks again :wave:
Plus the problem isn't fixed. I keep getting the same every time, and trying to add a new torrent gives me an error in the UI (because of the 401). I have to refresh or retry (not sure which, I do both) before it will work. This bug is five years old at this point :(
Hi! I am using transdroid with transmission behind apache2 (ssl) proxy. Today i looked at the logs and found something like this:
every refresh on transdroid results in those lines. it looks like it first tries to connect withoud required user. Is there a way to fix this?