On Thu, 15 Nov 2018 at 09:46, Neil Williams neil.williams@linaro.org wrote:
There is a separate problem here, on your local setup. Avoid making changes to common.py which cannot go upstream because every package update will assert the upstream version without any regard to your change.
It's possible you have a gunicorn process which isn't stopping
correcltly, possibly due to an earlier misconfiguration. It's also possible you may need to restart Apache.
What you have at the moment isn't a fix, it's only a step to work out the actual fix.
Yes I just wanted to check if my config was actually took in count or not. I didn't know I could check this through the developer shell, will do next time.
Possibly try adding
"CSRF_COOKIE_HTTPONLY": false,
in /etc/lava-server/settings.conf
I added this line and I removed a line which was about LXC_PATH. Maybe this was the root of the problem, leading to an error when reading the settings and making django use the default settings. But now it works fine, so thank you for that.
You can also use the developer shell to load the settings and see what has actually been set.
$ sudo lava-server manage shell
from django.conf import settings settings.CSRF_COOKIE_SECURE
False
Again, avoid making changes here, those would only be temporary. Don't be tempted to do much more than check the settings in the developer shell - it is massively powerful and can easily trash your instance. It is a useful tool, when used with caution.
https://master.lavasoftware.org/static/docs/v2/development.html#developer-ac...
Thank you for this information, I will use this tool now to check my settings.
Best regards, Axel
On Tue, 13 Nov 2018 at 16:45, Axel Lebourhis axel.lebourhis@linaro.org wrote:
On Tue, 13 Nov 2018 at 16:35, Neil Williams neil.williams@linaro.org
wrote:
When changing /etc/lava-server/settings.conf ensure that the gunicorn service is restarted
$ sudo service lava-server-gunicorn restart
This has been done.
This isn't about browser cookies - some browsers cache authentication separately to cookies and sometimes it just needs a separate browser to get passed an initial failure. e..g use firefox instead of chrome and vice versa. Also it can be that all windows of the browser need to be closed.
I tried on both Firefox and Chrome, nothing new.
I don't understand, I made no modifications.
Unless you use https:// you need to modify at least /etc/lava-server/settings.conf
The configuration needed to use http://localhost was already set in
this file.
I modified directly the common.py file to set the default value to
False.
Now I don't have the CSRF error anymore, but I'm still not logged in,
back to starting point.
On Tue, 13 Nov 2018 at 16:16, Neil Williams <
neil.williams@linaro.org> wrote:
On Tue, 13 Nov 2018 at 15:04, Axel Lebourhis <
axel.lebourhis@linaro.org> wrote:
> > Yes i'm using localhost and i'm using simple Django accounts.
In which case you need to set the CSRF settings to allow login
without
https as in the link I posted.
https://master.lavasoftware.org/static/docs/v2/installing_on_debian.html?hig...
> > On Tue, 13 Nov 2018 at 16:02, Neil Williams <
neil.williams@linaro.org> wrote:
>> >> On Tue, 13 Nov 2018 at 14:55, Axel Lebourhis <
axel.lebourhis@linaro.org> wrote:
>> > >> > Hi everyone, >> > >> > I have some troubles to log in my Web UI. >> >> Are you using http://localhost ? or are you trying to use
http:// with
>> a domain name but have not set up https? >> >> If so, have you read the notes on CSRF support: >>
https://master.lavasoftware.org/static/docs/v2/installing_on_debian.html?hig...
>> >> Have you configured LDAP or are you using simple Django accounts? >> >> > I type the good password and username and then the website
sends me back to the home page. If I type a wrong password, I get an error message. It does the same thing for all user accounts. Tried to restart lava services, apache2 but it's still doing the same thing. No error messages returned in logs.
>> > >> > Best regards, >> > Axel Le Bourhis >> > _______________________________________________ >> > Lava-users mailing list >> > Lava-users@lists.lavasoftware.org >> > https://lists.lavasoftware.org/mailman/listinfo/lava-users >> >> >> >> -- >> >> Neil Williams >> ============= >> neil.williams@linaro.org >> http://www.linux.codehelp.co.uk/
--
Neil Williams
neil.williams@linaro.org http://www.linux.codehelp.co.uk/
--
Neil Williams
neil.williams@linaro.org http://www.linux.codehelp.co.uk/
--
Neil Williams
neil.williams@linaro.org http://www.linux.codehelp.co.uk/