From: Lava-users <lava-users-bounces@lists.linaro.org> on behalf of ljh_dev <ljh_dev@126.com>
Date: Monday, 6 August 2018 at 10:31
To: Zoran S <zoran.stojsavljevic.de@gmail.com>
Cc: Lava Users Mailman list <lava-users@lists.linaro.org>
Subject: Re: [Lava-users] lava-server login error

 

I had made this change in /etc/lava-server/settings.conf, but no changes in result.

I would definitively recommend restarting *all* services on master. There are a bunch of them:

# STOP services

$ service lava-coordinator stop; service lava-logs stop; service lava-master stop; service lava-publisher stop; service lava-server-gunicorn stop; service lava-slave stop

# START services

$ service lava-coordinator start; service lava-logs start; service lava-master start; service lava-publisher start; service lava-server-gunicorn start; service lava-slave start

 

Cheers


At 2018-08-06 16:40:00, "Zoran S" <zoran.stojsavljevic.de@gmail.com> wrote:

Please, try this:

CSRF protection

In case of CSRF errors when logging in Lava, read this.

Set CSRF_COOKIE_SECURE and SESSION_COOKIE_SECURE to false in Lava server settings:

sudo vi /etc/lava-server/settings.conf

Restart Lava gunicorn server:

sudo service lava-server-gunicorn restart

_______

Hope this helps!

Zoran

 

On Mon, Aug 6, 2018 at 7:55 AM, ljh_dev <ljh_dev@126.com> wrote:

Added a little from previous email ,resend:

I might not say it clearly, let me repeat it again.

According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(by command: sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL, and username and passwd are both simple )  . 

Accessing main page is ok. When enter Sign in page,  input just registered username and password to login then the firefox browser displayed err page: 

"

You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties.

If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests.

"

I had added following lines in etc/lava-server/settings.conf:

"CSRF_COOKIE_SECURE": false,

"SESSION_COOKIE_SECURE": false

 

And reboot computer and login again, the err is still so. Trying  disable/enable cookies  is still so. At another computer I used chrome browser remote access nava-server,it is still the same err.

 

I just did some login experiments again,all error same as before.  I find when intentional input  a err username that does not exist,it return same error page(Is the new user not successfully established?).

I add a new user by using both methods and both return ok:

method 1.

    first:

sudo lava-server manage users add <username> --passwd <password>

then:

sudo lava-server manage authorize_superuser --username {username}

//the {username } is created by previous line command,command return for example: User u1 granted superuser rights

method 2.

      sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL

 

 

 

At 2018-08-06 13:40:01, "ljh_dev" <ljh_dev@126.com> wrote:

I might not say it clearly, let me repeat it again.

According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(by command: sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL, and username and passwd are both simple )  . 

Accessing main page is ok. When enter Sign in page,  input just registered username and password to login then the firefox browser displayed err page: 

"

You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties.

If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests.

"

I had added following lines in etc/lava-server/settings.conf:

"CSRF_COOKIE_SECURE": false,

"SESSION_COOKIE_SECURE": false

 

And reboot computer and login again, the err is still so. Trying  disable/enable cookies  is still so. At another computer I used chrome browser remote access nava-server,it is still the same err.

 

I just did some login experiments again,all error same as before.  I find when intentional input  a err username that does not exist,it return same error page(Is the new user not successfully established?).

I add a new user by using both methods and both return ok:

method1.

    first:

sudo lava-server manage users add <username> --passwd <password>

then:

sudo lava-server manage authorize_superuser --username {username} //the {username } is created by previous line command,command return for example: User u1 granted superuser rights



 





2018-08-03 17:16:43"Neil Williams" <neil.williams@linaro.org> 写道:

On Fri, 3 Aug 2018 at 10:11, ljh_dev <ljh_dev@126.com> wrote:

Hi,
According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL)  . But when using firefox browser to login in by created name , response message:
  --
    SRF verification failed. Request aborted.

 

 

If you are setting up an instance to be used by others, you should set up https:// support - if this is just localhost, you need to tell Django to accept http usage.

 

 

You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties.

If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests.
 --
After configured browser to disable cookies,the response is still so.

Jiang Lao




 

_______________________________________________
Lava-users mailing list
Lava-users@lists.linaro.org
https://lists.linaro.org/mailman/listinfo/lava-users


 

--




 





_______________________________________________
Lava-users mailing list
Lava-users@lists.linaro.org
https://lists.linaro.org/mailman/listinfo/lava-users

 




 

IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.