There was an error authenticating, please try again Open-AudIT community login

 
1
0
-1

I have setup Open-AudIT to use HTTPS, and I have re-configured with all required steps for  SSL.conf and the redirect options required. When I try to access the Open-Audit community edition I'm not able to login to it using the default user name (admin) and password. I'm getting "There was an error authenticating, please try again".


I have tried default user name and password using https with nmis and it worked fine, but not with Open-AudIT community, also I have restored the database and I'm still having the same issue, any ideas why this is happening?

Any help would be greatly appreciated.

Thank you!

    CommentAdd your comment...

    2 answers

    1.  
      1
      0
      -1

      What is the URL you are using to logon?

      1. Ricardo Mateo

        https://10.70.32.203/omk

        and then I select from Modules Open-AudIT and goes to

        https://10.70.32.203/en/omk/open-audit/login?redirect_url=%2Fomk%2Fopen-audit%2F

      2. Mark Unwin

        OK, that's the Professional / Enterprise logon page.

        Please attach the logs from omk/log/auth.pm and omk/log/open-audit.log

        These will be in (Windows) c:\omk or (Linux) /usr/local/omk.

        And also attash omk/conf/opCommon.json

      3. Ricardo Mateo

        I was not able to find the opCommon.json file, below are the 2 logs

        auth.log

        open-audit.log-20210131

      4. Mark Unwin

        I'm guessing your Apache is not accepting http requests from localhost.

        From open-audit.log

        [Thu Feb  4 18:39:31 2021] [error] 1272 OMK::oae->get: URL: http://127.0.0.1/open-audit/index.php/widgets

[Thu Feb  4 18:50:25 2021] [error] 1274 OMK::oae->get: Nothing returned in response from OAC.  Connection refused

        And in auth.log

        [Thu Feb  4 21:20:05 2021] [error] Connection Error: Connection refused

[Thu Feb  4 21:20:05 2021] [info] INFO login request of user=admin method=openaudit failed

[Thu Feb  4 21:20:05 2021] [info] 15476 Authentication failure for username=admin

[Thu Feb  4 21:22:00 2021] [info] INFO login request of user=admin method=htpasswd failed

[Thu Feb  4 21:22:00 2021] [error] Error, failed when sending credentials to oac. Error code ().
      5. Ricardo Mateo

        on httpd.conf I have:


        Listen 10.70.32.203:443

<VirtualHost *:80>
ServerName 10.70.32.203
ProxyRequests off

RewriteEngine On
RewriteCond %{HTTP_HOST} !=localhost [NC]
RewriteCond %{REMOTE_ADDR} !=127.0.0.1
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</VirtualHost>

        And on ssl.conf I have 

        <VirtualHost *:443>

     SSLEngine On
     SSLCertificateFile /etc/pki/tls/certs/ca.crt
     SSLCertificateKeyFile /etc/pki/tls/private/ca.key
     ServerAdmin ept@dagintl.com
     ServerName  10.70.32.203
     SSLProtocol -all +TLSv1.1 +TLSv1.2
     SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 !EECDH+aRSA+RC4 EECDH EDH+aRSA !RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !EDH-RSA-DES-CBC3-SHA !ECDHE-RSA-DES-CBC3-SHA !DES-CBC3-SHA !ECDHE-RSA-RC4-SHA !RC4-MD5 !RC4-SHA"
     TraceEnable off
     RewriteEngine On
     RewriteCond %{REQUEST_METHOD} ^TRACE
     RewriteRule .* - [F]
     RewriteCond %{HTTPS} off
     RewriteCond %{REQUEST_URI} !^/open-audit/
     RewriteRule ^/(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [NC,R=301,L]
     DocumentRoot /var/www/html/

</VirtualHost>



      6. Mark Unwin

        Do you see anything in your apache access or error logs?

      CommentAdd your comment...
    2.  
      1
      0
      -1

      You must allow http from localhost. Have you allowed this?

      Configuring Open-Audit with HTTPS/SSL


      1. Ricardo Mateo

        Sorry for asking this way, but I'm new configuring and managing Linux, but where should I configure/allow http from localhost? Is this on the httpd.conf or with the firewall-d service (which it's disabled)?

      2. Mark Unwin

        You need to set this in your apache conf (/etc/httpd). I'd suggest reading up on it.

        <VirtualHost *:80>
ServerName your.server.name
ServerAlias your.server.name
ProxyRequests off

RewriteEngine On
RewriteCond %{HTTP_HOST} !=localhost [NC]
RewriteCond %{REMOTE_ADDR} !=127.0.0.1
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</VirtualHost>
      3. Ricardo Mateo

        I tried this, restarted the httpd service and I'm still receiving "There was an error authenticating, please try again"

      4. Mark Unwin

        Try running this to set the log level from the command line.

        mysql -u openaudit -popenauditpassword openaudit -e "UPDATE configuration SET value = 7 WHERE name = 'log_level';"

        Then try and log on. Assuming it fails, run the below to get all logs.

        mysql -u openaudit -popenauditpassword openaudit -e "SELECT * FROM logs;" > logs.txt

        Then look through logs.txt using less (or tail) for the reason.

        less logs.txt
        tail -n 100 logs.txt
      5. Ricardo Mateo

        This is the result I get, sorry for the late response

        id timestamp request_microtime type severity severity_text pid user server ip collection action function status summary detail
        1 2021-01-19 06:46:40 1611038800.9293 system 5 notice 28738 tform301 172.20.1.6 logon m_logon::logon success User logged on Existing user admin logged on (local account).
        2 2021-01-19 14:16:50 1611065810.2079 system 5 notice 5264 tform301 172.20.1.6 logon m_logon::logon success User logged on Existing user admin logged on (local account).
        3 2021-01-20 05:15:49 1611119749.5605 system 5 notice 13315 tform301 172.20.1.6 logon m_logon::logon success User logged on Existing user admin logged on (local account).
        4 2021-02-04 21:20:05 1612473605.8379 system 5 notice 15482 tform301 10.70.32.201 logon m_logon::logon success User logged on Existing user admin logged on (local account).
        5 2021-02-04 21:22:00 1612473720.0788 system 7 debug 15379 tform301 10.70.32.201 m_configuration::load success running sql (0.00013208389282227) /* m_configuration::load */ SELECT NOW() as `timestamp`
        6 2021-02-04 21:22:00 1612473720.0788 system 7 debug 15379 tform301 10.70.32.201 m_configuration::load success running sql (0.00013995170593262) /* m_configuration::load */ SELECT TIME_FORMAT(TIMEDIFF(NOW(),CONVERT_TZ(NOW(),@@session.time_zone,'+00:00')),'%H%i') AS `tz`
        7 2021-02-04 21:22:00 1612473720.0788 system 7 debug 15379 tform301 10.70.32.201 m_configuration::load success running sql (0.00014710426330566) /* m_configuration::load */ SELECT count(*) as device_count FROM `system`
        8 2021-02-04 21:22:00 1612473720.0788 system 7 debug 15379 tform301 10.70.32.201 logon success set format Set format to json, because default.
        9 2021-02-04 21:22:00 1612473720.196 system 7 debug 15378 tform301 10.70.32.201 m_configuration::load success running sql (0.00011610984802246) /* m_configuration::load */ SELECT NOW() as `timestamp`
        10 2021-02-04 21:22:00 1612473720.196 system 7 debug 15378 tform301 10.70.32.201 m_configuration::load success running sql (0.00013995170593262) /* m_configuration::load */ SELECT TIME_FORMAT(TIMEDIFF(NOW(),CONVERT_TZ(NOW(),@@session.time_zone,'+00:00')),'%H%i') AS `tz`
        11 2021-02-04 21:22:00 1612473720.196 system 7 debug 15378 tform301 10.70.32.201 m_configuration::load success running sql (0.00015616416931152) /* m_configuration::load */ SELECT count(*) as device_count FROM `system`
        12 2021-02-04 21:22:00 1612473720.196 system 7 debug 15378 tform301 10.70.32.201 logon success set format Set format to json, because default.
        13 2021-02-04 21:22:00 1612473720.196 system 7 debug 15378 tform301 10.70.32.201 logon m_configuration::update success running sql (0.00048398971557617) /* m_configuration::update */ SELECT * FROM `configuration` WHERE `name` = 'oae_license'
        14 2021-02-04 21:22:00 1612473720.196 system 7 debug 15378 tform301 10.70.32.201 logon m_configuration::update success running sql (0.0013258457183838) /* m_configuration::update */ UPDATE configuration SET value = 'none', edited_by = 'system', edited_date = NOW() WHERE id = 141
        15 2021-02-04 21:22:00 1612473720.196 system 7 debug 15378 tform301 10.70.32.201 logon m_configuration::update success running sql (0.00029587745666504) /* m_configuration::update */ SELECT * FROM `configuration` WHERE `name` = 'oae_product'
        16 2021-02-04 21:22:00 1612473720.196 system 7 debug 15378 tform301 10.70.32.201 logon m_configuration::update success running sql (0.0012471675872803) /* m_configuration::update */ UPDATE configuration SET value = 'Open-AudIT Community', edited_by = 'system', edited_date = NOW() WHERE id = 143
        17 2021-02-04 21:22:00 1612473720.196 system 7 debug 15378 tform301 10.70.32.201 logon m_configuration::update success running sql (0.00034093856811523) /* m_configuration::update */ SELECT * FROM `configuration` WHERE `name` = 'server_ip'
        18 2021-02-04 21:22:00 1612473720.196 system 7 debug 15378 tform301 10.70.32.201 logon m_configuration::update success running sql (0.0013539791107178) /* m_configuration::update */ UPDATE configuration SET value = '10.70.32.203', edited_by = 'system', edited_date = NOW() WHERE id = 153
        19 2021-02-04 21:22:00 1612473720.196 system 7 debug 15378 tform301 10.70.32.201 logon m_configuration::update success running sql (0.00052094459533691) /* m_configuration::update */ SELECT * FROM `configuration` WHERE `name` = 'modules'
        20 2021-02-04 21:22:00 1612473720.196 system 7 debug 15378 tform301 10.70.32.201 logon m_configuration::update success running sql (0.0013689994812012) /* m_configuration::update */ UPDATE configuration SET value = '{\\"NMIS8\\":{\\"name\\":\\"NMIS8\\",\\"file\\":\\"\\\\/cgi-bin\\\\/nmiscgi.pl\\",\\"link\\":\\"\\\\/cgi-nmis8\\\\/nmiscgi.pl\\",\\"url\\":\\"https:\\\\/\\\\/opmantek.com\\\\/network-management-system-nmis\\\\/\\"},\\"opAddress\\":{\\"name\\":\\"opAddress\\",\\"file\\":\\"\\\\/bin\\\\/opaddress-cli.pl\\",\\"link\\":\\"\\\\/omk\\\\/opAddress\\\\/\\",\\"url\\":\\"https:\\\\/\\\\/community.opmantek.com\\\\/display\\\\/opAddress\\\\/Home\\"},\\"opCharts\\":{\\"name\\":\\"opCharts\\",\\"file\\":\\"\\\\/public\\\\/omk\\\\/js\\\\/opCharts_a_external_packed.js\\",\\"link\\":\\"\\\\/omk\\\\/opCharts\\",\\"url\\":\\"https:\\\\/\\\\/opmantek.com\\\\/opcharts-dashboards-charts-management\\\\/\\",\\"installed\\":true,\\"version\\":\\"3.5.0\\"},\\"opConfig\\":{\\"name\\":\\"opConfig\\",\\"file\\":\\"\\\\/install\\\\/opconfigd.init.d\\",\\"link\\":\\"\\\\/omk\\\\/opConfig\\",\\"url\\":\\"https:\\\\/\\\\/opmantek.com\\\\/network-configuration-management-opconfig\\\\/\\",\\"installed\\":true,\\"version\\":\\"3.5.0\\"},\\"Open-AudIT\\":{\\"name\\":\\"Open-AudIT\\",\\"file\\":\\"\\\\/bin\\\\/oae-tasks.sh\\",\\"link\\":\\"\\\\/omk\\\\/open-audit\\\\/\\",\\"url\\":\\"https:\\\\/\\\\/opmantek.com\\\\/network-audit-software\\\\/\\"},\\"opEvents\\":{\\"name\\":\\"opEvents\\",\\"file\\":\\"\\\\/install\\\\/opeventsd.init.d\\",\\"link\\":\\"\\\\/omk\\\\/opEvents\\\\/\\",\\"url\\":\\"https:\\\\/\\\\/opmantek.com\\\\/opevents-traps-network-event-management\\\\/\\",\\"installed\\":true,\\"version\\":\\"2.6.0\\"},\\"opFlow\\":{\\"name\\":\\"opFlow\\",\\"file\\":\\"\\\\/bin\\\\/opflow-cli.pl\\",\\"link\\":\\"\\\\/omk\\\\/opFlow\\",\\"url\\":\\"https:\\\\/\\\\/opmantek.com\\\\/netflow-analyzer-collector-opflow\\\\/\\",\\"installed\\":true,\\"version\\":\\"3.1.0\\"},\\"opHA\\":{\\"name\\":\\"opHA\\",\\"file\\":\\"\\",\\"link\\":\\"\\\\/omk\\\\/opHA\\",\\"url\\":\\"https:\\\\/\\\\/opmantek.com\\\\/distributed-network-management-system\\\\/\\"},\\"opLicensing\\":{\\"name\\":\\"opLicensing\\",\\"file\\":\\"\\\\/lib\\\\/opLicense.pm.exe\\",\\"link\\":\\"\\\\/omk\\\\/opLicense\\",\\"url\\":\\"#\\"},\\"opReports\\":{\\"name\\":\\"opReports\\",\\"file\\":\\"\\\\/bin\\\\/opreports-cli.pl\\",\\"link\\":\\"\\\\/omk\\\\/opReports\\\\/\\",\\"url\\":\\"https:\\\\/\\\\/opmantek.com\\\\/network-configuration-management-opconfig\\\\/\\",\\"installed\\":true,\\"version\\":\\"3.4.0\\"},\\"opSLA\\":{\\"name\\":\\"opSLA\\",\\"file\\":\\"\\",\\"link\\":\\"\\\\/omk\\\\/opSLA\\",\\"url\\":\\"https:\\\\/\\\\/opmantek.com\\\\/ip-sla-monitor-cisco-ipsla\\\\/\\"},\\"Other Modules\\":{\\"name\\":\\"Other Modules\\",\\"link\\":\\"https:\\\\/\\\\/opmantek.com\\\\/network-management-system-tools\\\\/\\",\\"url\\":\\"https:\\\\/\\\\/opmantek.com\\\\/network-management-system-tools\\\\/\\"}}', edited_by = 'system', edited_date = NOW() WHERE id = 138
        21 2021-02-04 21:22:00 1612473720.196 system 7 debug 15378 tform301 10.70.32.201 logon m_networks::upsert success running sql (0.0002601146697998) /* m_networks::upsert */ SELECT * FROM networks WHERE networks.org_id = 1 AND networks.network = '127.0.0.0/8'
        22 2021-02-04 21:22:00 1612473720.196 system 7 debug 15378 tform301 10.70.32.201 logon m_networks::upsert success running sql (0.00020098686218262) /* m_networks::upsert */ SELECT * FROM networks WHERE networks.org_id = 1 AND networks.network = '10.70.32.0/22'

      6. Ricardo Mateo

        Access Log:

        access_log


        Error log:

        error_log

      7. Mark Unwin

        Your attached "error_log" is actually the access log.

      8. Ricardo Mateo

        These are the files I have:

        -rw-r--r--. 1 root root 38714 Feb 4 22:43 access_log
        -rw-r--r--. 1 root root 9342 Feb 4 22:00 error_log

      CommentAdd your comment...