Hello,
I have setup zimbra on an internal server, and it is workiing fine. It uses our local ldap server to authenticate the users. However, I want to be able to access the server from the external world. I have a firewall protecting the network.
Zimbra is running on fc4.
I have a server running apache in the dmz that forwards the webmail requests through the fw via port 18880. When I am outside my network and go to http://webmail... The zimbra login page comes up. However, when I go to login, I get an error message:
An unknown application error has occurred. Please correct any errors and retry.
I can see the traffic using tcpdump on the zimbra server, and it appears to be fine. I cannot find any error messages in the log files as to why the authentication might be failing.
My external apache configuration is:
ServerName webmail.x.com
RedirectPermanent / http://webmail.x.com/
ProxyPass / http://x.x.x.x:18880">http://x.x.x.x:18880/
ProxyPassReverse / http://x.x.x.x:18880">http://x.x.x.x:18880/
ProxyVia Off
Is there perhaps a proxy config problem perhaps?
I have tried a number of different apache configs, but I see to get the same result each time.
Any help would be appreciated, and any additional information I can provide.
Thanks,
Billy
Zimbra authentication error
-
- Posts: 13
- Joined: Fri Sep 12, 2014 10:12 pm
Zimbra authentication error
I am still looking at this issue, but after some research and some help from paros, it looks like I have narrowed down where the issue is.
Here is the request made by my external browser:
http://www.w3.org/2003/05/soap-envelope"> xmlns="urn:zimbra">usera@x.comxxxxx
This is the response:
soap:Receiversystem">http://www.w3.org/2003/05/soap-envelope ... iversystem failure: Request not allowed on port 18880service.FAILUREcom.zimbra.cs.service.ServiceException: system failure: Request not allowed on port 18880
at com.zimbra.cs.service.ServiceException.FAILURE(ServiceException.java:131)
at com.zimbra.cs.servlet.ZimbraServlet.service(ZimbraServlet.java:142)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:541)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:667)
at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
at java.lang.Thread.run(Thread.java:595)
Hopefully this provides more insight into my problem. I am not very familiar with SOAP.
Here is a quick rundown on what happens from a network standpoint:
Request --->
External server receives request, apache uses virtual host and forwards to port 18880 -->
fw takes request on port 18880 and forwards to internal zimbra on port 80 -->
internal zimbra receives request on port 80.
Thanks again,
Billy
Here is the request made by my external browser:
http://www.w3.org/2003/05/soap-envelope"> xmlns="urn:zimbra">usera@x.comxxxxx
This is the response:
soap:Receiversystem">http://www.w3.org/2003/05/soap-envelope ... iversystem failure: Request not allowed on port 18880service.FAILUREcom.zimbra.cs.service.ServiceException: system failure: Request not allowed on port 18880
at com.zimbra.cs.service.ServiceException.FAILURE(ServiceException.java:131)
at com.zimbra.cs.servlet.ZimbraServlet.service(ZimbraServlet.java:142)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:541)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:667)
at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
at java.lang.Thread.run(Thread.java:595)
Hopefully this provides more insight into my problem. I am not very familiar with SOAP.
Here is a quick rundown on what happens from a network standpoint:
Request --->
External server receives request, apache uses virtual host and forwards to port 18880 -->
fw takes request on port 18880 and forwards to internal zimbra on port 80 -->
internal zimbra receives request on port 80.
Thanks again,
Billy
Zimbra authentication error
This was fixed in 4.0. We were using the port the client was connecting to rather than the port the server was fielding the request on in a few places in the code.
-
- Posts: 13
- Joined: Fri Sep 12, 2014 10:12 pm
Zimbra authentication error
Thank you. The upgrade to 4 did it.
Billy
Billy