We have been trying for quite a while to connect our email server to the rocketchat, but we keep getting an authorisation mistake (see log below). It might have to do with the fact that in the form one has to add user and password but it’s not very clear user and password of what. We have tried all possible combinations we could think of, but we are kind of out of ideas. Suggestions?
Thanks in advance.
Server Setup Information
Version of Rocket.Chat Server: CE 3.15.1
Operating System: ubuntu 20.04
Deployment Method: digitalocean IaaS
Number of Running Instances: 1
Log:
Exception in callback of async function: Error: Authentication failed. at Connection._resTagged (/opt/Rocket.Chat/programs/server/npm/node_modules/imap/lib/Connection.js:1502:11) at Parser. (/opt/Rocket.Chat/programs/server/npm/node_modules/imap/lib/Connection.js:194:10) at Parser.emit (events.js:314:20) at Parser.EventEmitter.emit (domain.js:483:12) at Parser._resTagged (/opt/Rocket.Chat/programs/server/npm/node_modules/imap/lib/Parser.js:175:10) at Parser._parse (/opt/Rocket.Chat/programs/server/npm/node_modules/imap/lib/Parser.js:139:16) at Parser._tryread (/opt/Rocket.Chat/programs/server/npm/node_modules/imap/lib/Parser.js:82:15) at TLSSocket.Parser.cbReadable (/opt/Rocket.Chat/programs/server/npm/node_modules/imap/lib/Parser.js:53:12) at TLSSocket.emit (events.js:314:20) at TLSSocket.EventEmitter.emit (domain.js:483:12) at emitReadable (_stream_readable.js:557:12) at processTicksAndRejections (internal/process/task_queues.js:83:21) { type: ‘no’, textCode: ‘AUTHENTICATIONFAILED’, source: ‘authentication’ }
Related
I attempted to connect neo4j aura database using Python but failed as "Unable to retrieve routing information".
from neo4j import GraphDatabase
from neo4j.debug import watch
uri = "neo4j+s://<id>.databases.neo4j.io"
driver = GraphDatabase.driver(uri, auth=("neo4j", "<password>"))
def workload(tx):
return tx.run("RETURN 1 as n").data()
with watch("neo4j"): # enable logging
with driver.session() as session:
session.write_transaction(workload)
driver.close()
Running above python scripts returned the following log:
Attempting to update routing table from IPv4Address(('<id>.databases.neo4j.io', 7687))
[#0000] C: <RESOLVE> <id>.databases.neo4j.io:7687
[#0000] C: <OPEN> xx.xxx.xxx.xxx:7687
[#C000] C: <SECURE> <id>.databases.neo4j.io
[#0000] C: <CONNECTION FAILED> BoltSecurityError: [SSLCertVerificationError] Connection Failed. Please ensure that your database is listening on the correct host and port and that you have enabled encryption if required. Note that the default encryption setting has changed in Neo4j 4.0. See the docs for more information. Failed to establish encrypted connection. (code 1: Operation not permitted)
Failed to fetch routing info 35.xxx.xxx.xxx:7687
[#0000] C: <ROUTING> Deactivating address IPv4Address(('<id>.databases.neo4j.io', 7687))
[#0000] C: <ROUTING> table={None: RoutingTable(database=None routers={}, readers={}, writers={}, last_updated_time=0.235748575, ttl=0)}
Attempting to update routing table from
Unable to retrieve routing information
Transaction failed and will be retried in 1.1281720312998946s (Unable to retrieve routing information)
I looked into neo4j documentation and searched other places but none of the possible resolutions can be found.
Version:
Python 3.7.4
neo4j 4.4.2
I very much appreciate your input if you have ever experienced the same issues and found any way to resolve the issue.
I have disabled the authentication on my neo4j server, so I can connect using the cypher shell using no credentials as it follows and is working.
$ ./bin/cypher-shell -a 192.168.0.89
This is how I'm declaring my driver and the session, I also tried using neo4j://* instead of bolt://*:
driver, err := neo4j.NewDriver("bolt://192.168.0.89:7687", neo4j.NoAuth())
if err != nil {
return "", err
}
defer driver.Close()
session, _ := driver.NewSession(neo4j.SessionConfig{AccessMode: neo4j.AccessModeWrite})
defer session.Close()
But that doesn't work either. I'm getting this error when running the hello world from the neo4j olang driver page https://neo4j.com/developer/go/
TLS error: Remote end closed the connection, check that TLS is enabled on the server
There are the logs of the server when it starts:
2021-03-07 23:17:23.227+0000 INFO ======== Neo4j 4.2.3 ========
2021-03-07 23:17:24.119+0000 INFO Performing postInitialization step for component 'security-users' with version 2 and status CURRENT
2021-03-07 23:17:24.119+0000 INFO Updating the initial password in component 'security-users'
2021-03-07 23:17:24.243+0000 INFO Bolt enabled on 192.168.0.89:7687.
2021-03-07 23:17:25.139+0000 INFO Remote interface available at http://192.168.0.89:7474/
2021-03-07 23:17:25.140+0000 INFO Started.
These are all my config settings:
dbms.connector.bolt.advertised_address=192.168.0.89:7687
dbms.connector.bolt.enabled=true
dbms.connector.bolt.listen_address=192.168.0.89:7687
dbms.connector.bolt.tls_level=DISABLED
dbms.connector.http.advertised_address=192.168.0.89:7474
dbms.connector.http.enabled=true
dbms.connector.http.listen_address=192.168.0.89:7474
dbms.connector.https.enabled=false
dbms.default_advertised_address=192.168.0.89
dbms.default_database=neo4j
dbms.default_listen_address=192.168.0.89
dbms.directories.import=/home/eduardo/NEO4J/import
dbms.directories.neo4j_home=/home/eduardo/NEO4J
dbms.jvm.additional=-Dlog4j2.disable.jmx=true
dbms.security.auth_enabled=false
dbms.tx_log.rotation.retention_policy=1 days
dbms.tx_state.memory_allocation=ON_HEAP
dbms.windows_service_name=neo4j
Again, I can connect to the same host and the browser is also working fine:
Thanks in advance for any help :)
Adding to your answer: it is likely you're using the v1.x of the Go driver. If you switch to using the v4.x driver instead, you will not have to specify this config value.
You can upgrade by simply adding v4 in your import statement like so:
import github.com/neo4j/neo4j-go-driver/v4/neo4j
More info: https://github.com/neo4j/neo4j-go-driver/blob/4.2/MIGRATIONGUIDE.md
For anyone looking for the answer, the bolt driver will try to use TLS by default and since in my case is not configured, the encryption needs to be disabled in the driver constructor call.
driver, err := neo4j.NewDriver("bolt://192.168.0.89:7687", neo4j.NoAuth(), func(c *neo4j.Config) { c.Encrypted = false })
Hope this helps other people experiencing the same issue :)
I followed this tutorial to setup myorg/composer-rest-server and everything was working fine till I import card but when I make a GET request to /api/system/ping it returns 500 Error:
{"error":{"statusCode":500,"name":"Error","message":"Error trying login and get user Context. Error: Error trying to enroll user or load channel configuration. Error: Calling enrollment endpoint failed with error [Error: connect ECONNREFUSED 127.0.0.1:7054]","stack":"Error: Error trying login and get user Context. Error: Error trying to enroll user or load channel configuration. Error: Calling enrollment endpoint failed with error [Error: connect ECONNREFUSED 127.0.0.1:7054]\n at client.getUserContext.then.then.catch (/home/composer/.npm-global/lib/node_modules/composer-rest-server/node_modules/composer-connector-hlfv1/lib/hlfconnection.js:393:34)\n at <anonymous>\n at process._tickDomainCallback (internal/process/next_tick.js:228:7)"}}
So I checked the logs for rest container, it can't seem to find 127.0.0.1:7054. Here is the error log.
Unhandled error for request GET /api/system/ping: Error: Error trying login and get user Context. Error: Error trying to enroll user or load channel configuration. Error: Calling enrollment endpoint failed with error [Error: connect ECONNREFUSED 127.0.0.1:7054]
at client.getUserContext.then.then.catch (/home/composer/.npm-global/lib/node_modules/composer-rest-server/node_modules/composer-connector-hlfv1/lib/hlfconnection.js:393:34)
at <anonymous>
at process._tickDomainCallback (internal/process/next_tick.js:228:7)
So I checked the logs for the container ca.org1.example.com, and it is listening to port 7054
2018/04/01 09:57:25 [DEBUG] CA initialization successful
2018/04/01 09:57:25 [INFO] Home directory for default CA: /etc/hyperledger/fabric-ca-server
2018/04/01 09:57:25 [DEBUG] 1 CA instance(s) running on server
2018/04/01 09:57:25 [INFO] Listening on http://0.0.0.0:7054
I think i need to change 127.0.0.1 to 0.0.0.0 but not sure how to do it the right way. Could also be a firewall issue?
Here's my .composer/cards/restadmin#myserver/connection.json
{"name":"hlfv1","x-type":"hlfv1","x-commitTimeout":300,"version":"1.0.0","client":{"organization":"Org1","connection":{"timeout":{"peer":{"endorser":"300","eventHub":"300","eventReg":"300"},"orderer":"300"}}},"channels":{"composerchannel":{"orderers":["orderer.example.com"],"peers":{"peer0.org1.example.com":{}}}},"organizations":{"Org1":{"mspid":"Org1MSP","peers":["peer0.org1.example.com"],"certificateAuthorities":["ca.org1.example.com"]}},"orderers":{"orderer.example.com":{"url":"grpc://orderer.example.com:7050"}},"peers":{"peer0.org1.example.com":{"url":"grpc://peer0.org1.example.com:7051","eventUrl":"grpc://peer0.org1.example.com:7053"}},"certificateAuthorities":{"ca.org1.example.com":{"url":"http://ca.org1.example.com:7054","caName":"ca.org1.example.com"}}}
I'm using AWS EC2
OS: Ubuntu 16.04.3 LTS,
Docker: 17.12.0-ce,
Composer: v0.19.0
Fabric: v1.1
Which card have you imported? If it is the restadmin card, I think you may have imported a Card containing an expired One-Time secret. After the rest admin card was used to start the REST server (in the container) the secret was replaced with certificates - so if you export the restadmin card again with a different name composer card export -c restadmin#trade-network -f restadmin-cert.card you will see that it is a larger file because of the certificates. You should be able to import and use this new .card file.
(If you were using a different card e.g. jdoe - did you run the sed command for this card to correct the addresses?)
I am writing a complemental service for OpenAM for some features not available as RESTful services in default server. I am using OpenAM Client SDK (12 or 13). I get the folloing error:
DebugConfiguration:07/03/2017 04:13:12:530 PM IRDT:
Thread[main,5,main]
'/debugconfig.properties' isn't valid, the default configuration will be used instead: Can't find the configuration file
'/debugconfig.properties'.
amAuthContext:07/03/2017 04:13:12:564 PM IRDT: Thread[main,5,main]:
TransactionId[unknown]
ERROR: Failed to obtain auth service url from server: null://null:null
amNaming:07/03/2017 04:13:12:573 PM IRDT: Thread[main,5,main]:
TransactionId[unknown]
ERROR: Failed to initialize naming service
java.lang.Exception: Cannot find Naming Service URL.
at com.iplanet.services.naming.WebtopNaming.getNamingServiceURL(WebtopNaming.java:1254)
at com.iplanet.services.naming.WebtopNaming.initializeNamingService(WebtopNaming.java:272)
at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:1149)
at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:1070)
at com.iplanet.services.naming.WebtopNaming.getServiceAllURLs(WebtopNaming.java:494)
at com.sun.identity.authentication.AuthContext.login(AuthContext.java:654)
at com.sun.identity.authentication.AuthContext.login(AuthContext.java:584)
at com.sun.identity.authentication.AuthContext.login(AuthContext.java:386)
at MainKt.realmLogin(Main.kt:56)
at MainKt.main(Main.kt:144)
IdRepoSampleUtils: Failed to start login for default authmodule
Exception in thread "main"
com.sun.identity.authentication.spi.AuthLoginException: Failed to create new Authentication Context: null
at com.sun.identity.authentication.AuthContext.login(AuthContext.java:657)
at com.sun.identity.authentication.AuthContext.login(AuthContext.java:584)
at com.sun.identity.authentication.AuthContext.login(AuthContext.java:386)
at MainKt.realmLogin(Main.kt:56)
at MainKt.main(Main.kt:144)
The main error is SDk does not find STS server url. How can I fix it?
I found the solution with checking the Example SDK client. The solution is to use Java's well-knwon properties file. There is a AMConfig.properties in there which the SDK jar automatically tries to extract values from it. For the format of the file we can refer to Oracle OpenSSO, and use the AMConfig.properties.template within the OpenAM example client application.
I'm trying to login to Roundcube only the program won't let me.
I can login to the said account from the shell and mail is setup and working correctly on my server for user 'admin'. It's RC that is the problem. If I check my logs:
/usr/local/www/roundcube/logs/errors
they show:
[21-Sep-2013 17:19:02 +0100]: IMAP Error: Login failed for admin from ip.ip.ip.ip. Could not connect to ip.ip.ip.ip:143:
Connection refused in /usr/local/www/roundcube/program/lib/Roundcube/rcube_imap.php on line 184
(POST /roundcube/?_task=login&_action=login)
which doesn't give me many clues really, just leads me to:
public function connect($host, $user, $pass, $port=143, $use_ssl=null) {}
from
rcube_imap.php
Stuff I've tried, editing:
/usr/local/www/roundcube/config/main.inc.php
with:
// IMAP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or null to use
// best server supported one)
//$rcmail_config['imap_auth_type'] = LOGIN;
$rcmail_config['imap_auth_type'] = null;
// Log IMAP conversation to <log_dir>/imap or to syslog
$rcmail_config['imap_debug'] = /var/log/imap;
With a failed login attempt
/var/log/imap
doesn't even get written to, leaving me no clues. I'm using dovecot and Sendmail on a FreeBSD box with full root access. It's not an incorrect username password combination for sure.
Several Googles on the string 'Roundcube: Connection to storage server failed' are fruitless.
EDIT:
I needed an entry in
/etc/rc.conf
dovecot_enable="YES"
Schoolboy error.
I had the same problem with a letsencrypt certificate and resolve it by disabling peer authentication:
$config['imap_conn_options'] = array(
'ssl' => array('verify_peer' => true, 'verfify_peer_name' => false),
'tls' => array('verify_peer' => true, 'verfify_peer_name' => false),
);
Afterwards you can set the connection string like this (starttls):
$config['default_host'] = 'tls://your-host.tld';
$config['default_port'] = '143';
$config['smtp_server'] = 'tls://your-host.tld';
$config['smtp_port'] = '25';
Or like this (ssl approach):
$config['default_host'] = 'ssl://your-host.tld';
$config['default_port'] = '993';
$config['smtp_server'] = 'ssl://your-host.tld';
$config['smtp_port'] = '587';
Make sure you use the fully qualified hostname of the certificate in the connection string (like your-host.tld) and not an internal hostname (like localhost).
Hope that helps someone else.
Change the maildir to whatever your system uses.
Change Dovecot mail_location setting to
mail_location = maildir:~/Mail
Change Postfix home_mailbox setting to
home_mailbox = Mail/
Restart services and away you go
Taken from this fedoraforum post
If you run fail2ban, then dovecot might get banned following failed Roundcube login attempts. This has happened to me twice already...
First, check if this is indeed the case:
sudo fail2ban-client status dovecot
If you get an output similar to this:
Status for the jail: dovecot
|- Filter
| |- Currently failed: 1
| |- Total failed: 8
| `- File list: /var/log/mail.log
`- Actions
|- Currently banned: 1
|- Total banned: 2
`- Banned IP list: X.X.X.X
i.e. the Currently banned number is higher than 0, then fail2ban was a bit overeager and you have to "unban" dovecot.
Run the fail2ban client in interactive mode:
sudo fail2ban-client -i
and at the fail2ban> prompt enter the following:
set dovecot unbanip X.X.X.X
where X.X.X.X is the IP address of your Dovecot server.
Exit from the interactive client and run sudo fail2ban-client status dovecot again. The Currently banned: field now should have a value of 0. What's more important, RoundCube should work again :-)
The issue is in your mail server.
Check your ports in your mail server and reset it (if necessary):
Port 25 (and 587) must be open for SMTP
Port 143 (and 993) must be open for IMAP
Port 110 must be open for POP3
Also open those ports in your firewall settings.
sudo dovecot should solve the problem.
If not restart dovecot
sudo service dovecot restart