my configid=1 and session_key is already a hex string; however logging in as Admin still has guest privs
-
-
I guess so, Ian, because your problem seems differentComment
-
Hi raoel,
in the working zabbix 5.06 Installation configid is 100100000000001 and it's a Big Int.
This is empty after upgrading to 5.2.2 ?
>>Looks like it's related to "session_key". I changed it from empty into a 32-hexadecimal string in the table "config" on the SQL-server and now I can log in ....
I dont' know what this means - where do you change it ? I have no session_key field in config (5.0.6)
I have to provision a snapshot of my first upgrade to 5.2 to look into it - had no time for this the last weeks.
We have an old Dataset since 2.x, too.
Regards
Frank
Comment
-
Hi,
I tracked down the bug and created https://support.zabbix.com/browse/ZBX-18894.
Thanks for all your debugging. It still took some time, but the several hints lead the way to where the bug really was.
Setting the session_key column in the config table fixes the issue. The update statement in the frontend code has the "configid = 1" condition. https://github.com/zabbix/zabbix/blo...elper.php#L120
Regards
DanielComment
-
FrankB I changed it directly in the database.
It's a new field in 5.2.x and it needs to be filled to work.
TheTuxKeeper thanks for creating an issue! I was a bit too busy to do it myself right now.Comment
-
Hello,
I jumped in this problem (always guest login) after upgrade to 5.4 Did not had time to search for the problem until now.
I use NGINX and PHP-FPM.
Sending login form to index.php it will replay only with redirect. NO COOKIE!!!
From https://www.php.net/manual/en/functi...-handler-notes chicken and egg problem. I added session_write_close() before redirect in index.php
Now the problem is gone for me.PHP Code:// login via form
if (hasRequest('enter') && CWebUser::login(getRequest('name', ZBX_GUEST_USER), getRequest('password', ''))) {
CSessionHelper::set('sessionid', CWebUser::$data['sessionid']);
if (CWebUser::$data['autologin'] != $autologin) {
API::User()->update([
'userid' => CWebUser::$data['userid'],
'autologin' => $autologin
]);
}
session_write_close(); // chicken and egg problem
$redirect = array_filter([CWebUser::isGuest() ? '' : $request, CWebUser::$data['url'], CMenuHelper::getFirstUrl()]);
redirect(reset($redirect));
}
Comment
Comment