opennetadmin / ona

OpenNetAdmin IP Address Management (IPAM) system
opennetadmin.com
GNU General Public License v2.0

Reverse-proxy issues #182

Open HugoTH85 opened 5 months ago

HugoTH85 commented 5 months ago

Hello,

I am having some trouble trying to use a reverse proxy with OpenNetAdmin. It seems like I cannot use this software like that. More precisely, when I am using the reverse-proxy URL, I can't connect with an LDAP account, and the admin account doesn't have any permissions. Moreover, I cannot see the data (VLAN_campus, VLAN, subnets, etc.). It would come from the Response Cookie that the server formulates. To me, it is linked with these lines:

    if (PHP_VERSION_ID < 70300) {
      session_set_cookie_params($conf['cookie_life'], '/; samesite=Strict', NULL, $secure, true);
    } else {
      session_set_cookie_params([
        'lifetime' => $conf['cookie_life'],
        'path' => '/',
        'domain' => $_SERVER['SERVER_NAME'],
        'secure' => $secure,
        'httponly' => true,
        'samesite' => 'Strict'
      ]);
    }

in the ona/www/include/functions_general.inc.php file.

What are your opinions about that?

HugoTH85 commented 3 months ago

I have found the origin of this issue. It is directly linked with the session parameters which are set up in the functions_general.inc.php file (path: ./ona/www/include/functions_general.inc.php). Here is the original part of the code I have modified (line 1260):

    if (PHP_VERSION_ID < 70300) {
      session_set_cookie_params($conf['cookie_life'], '/; samesite=Strict', NULL, $secure, true);
    } else {
      session_set_cookie_params([
        'lifetime' => $conf['cookie_life'],
        'path' => '/',
        'domain' => $_SERVER['SERVER_NAME'],
        'secure' => $secure,
        'httponly' => true,
        'samesite' => 'Strict'
      ]);
    }

You are using the $_SERVER['SERVER_NAME'] superglobal variable and it always returns the server URL even if you're requesting from the reverse-proxy URL. So I have replaced it with $_SERVER['HTTP_HOST'], which returns the domain name that appears in the HTTP Request Header, and now it works pretty well! So here is the modified part of the code:

    if (PHP_VERSION_ID < 70300) {
      session_set_cookie_params($conf['cookie_life'], '/; samesite=Strict', NULL, $secure, true);
    } else {
      session_set_cookie_params([
        'lifetime' => $conf['cookie_life'],
        'path' => '/',
        'domain' => $_SERVER['HTTP_HOST'],
        'secure' => $secure,
        'httponly' => true,
        'samesite' => 'Strict'
      ]);
    }
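
A stricter variant of the change discussed in this thread, as an added example that is not part of the comments above or of OpenNetAdmin's code: $_SERVER['HTTP_HOST'] is copied from the request's Host header, so it is client-controlled and may include a port. The example strips the port and uses the name as the cookie domain only when it is in a configured list; otherwise it returns an empty domain, which makes PHP emit a host-only cookie. The function names, $allowed_hosts and the sample host names are assumptions.

```php
<?php
// Added example, not OpenNetAdmin code. ona_cookie_domain(),
// ona_session_cookie_params() and $allowed_hosts are hypothetical names.

// Return a cookie Domain for this request, or '' for a host-only cookie.
function ona_cookie_domain(array $server, array $allowed_hosts): string
{
    // HTTP_HOST comes from the request's Host header: client-controlled,
    // and it may carry a port ("ipam.example.org:8443").
    $host = strtolower(trim($server['HTTP_HOST'] ?? ''));
    $host = (string) preg_replace('/:\d+$/', '', $host);

    // Accept only names the deployment is known to be published under.
    return in_array($host, $allowed_hosts, true) ? $host : '';
}

function ona_session_cookie_params(array $server, array $allowed_hosts,
                                   int $lifetime, bool $secure): array
{
    return [
        'lifetime' => $lifetime,
        'path'     => '/',
        'domain'   => ona_cookie_domain($server, $allowed_hosts),
        'secure'   => $secure,
        'httponly' => true,
        'samesite' => 'Strict',
    ];
}

// Constructed sample data: proxy name, backend name, request Host headers.
$allowed_hosts = ['ipam.example.org', 'ona-backend.internal'];
$requests = [
    ['HTTP_HOST' => 'ipam.example.org',      'SERVER_NAME' => 'ona-backend.internal'],
    ['HTTP_HOST' => 'IPAM.example.org:8443', 'SERVER_NAME' => 'ona-backend.internal'],
    ['HTTP_HOST' => 'unexpected.example',    'SERVER_NAME' => 'ona-backend.internal'],
    ['SERVER_NAME' => 'ona-backend.internal'], // no Host header at all
];

foreach ($requests as $server) {
    $params = ona_session_cookie_params($server, $allowed_hosts, 3600, true);
    printf("%-24s -> domain=%s\n", $server['HTTP_HOST'] ?? '(none)',
        $params['domain'] === '' ? '(host-only)' : $params['domain']);
}
// In the application, pass the array to session_set_cookie_params()
// before session_start() (the array form needs PHP >= 7.3).
```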