3.1 Upgrade Problems

[dee]

OK - it was out of space. There was a 160M busted download in the /opt/zimbra/tmp folder.

Thanks for the help!

[efoo]

Is there any known workaround to the ?redirect=0 requirement short of waiting until a new version comes out that supports configuring that behavior on the server end? Our 3.1 upgrade went smoothly except for this as well. This change in behavior was unexpected, so we were caught a bit flatfooted. Zimbra's httpd doesn't appear to have mod_rewrite installed, so I don't have that tool available to me. Otherwise, I'd just add the ?redirect=0 to every URL.

Regards,
Edwin

[cvidal]

I found a workaround for ?redirect=0, quick and VERY dirty :-)

First the theory:

The files checking this variable (with code introduced in 3.1) are in JavaScript. Now the default is to redirect. To change the default to redirect=0 do:

su - zimbra
cd apache-tomcat-5.5.15/webapps/zimbra/js

There you will find the following files:

AjaxNewWindow_all.js
Ajax_all.js
zimbraMail/share/view/ZmLogin.js

In all three files you will see the following lines of codes (only once in each):

var match = location.search ? location.search.match(/\bredirect=([01])/) : null;
var redirect = match ? match[1] : null;

For the newbies, this means:
- check if 'redirect=[01]' is part of the location string (first line)
- if it is, set 'redirect' to its value, otherwise set it to null (second line)

To make it work, it is enough to change null by '0', that is:

var redirect = match ? match[1] : '0';

Now the implementation:

If you just change the *.js code it will not work, because Zimbra uses the compressed versions of Ajax_all.js and AjaxNewWindow_all.js, named with the suffix ".zgz". If you uncompress these files, you will see that they have been stripped of all // comments, most \n and empty lines. So, once you have identified the lines to change in the *.js files, do the following:

gunzip -S zgz Ajax_all.js.zgz

This generates the file "Ajax_all.js." (observe the final dot, useful to avoid scratching the original *.js).

Edit Ajax_all.js. and change null to '0'. Then compress it again with:

gzip -S zgz Ajax_all.js.

The same for AjaxNewWindow_all.js.zgz.

ZmLogin has no zgz.

Then restart tomcat (tomcat restart), and in your browser clean the cache and the cookies for your zimbra host.

Probably in the source code there is a script that converts the *.js -> *.js.zgz, but the manual method works fine and fixes the problem in 10 minutes :-))

[chanck]

Great! It works. Thank you very much.

Thomas

[Grant]

Quote:

Originally Posted by cvidal

I found a workaround for ?redirect=0, quick and VERY dirty :-)

Probably in the source code there is a script that converts the *.js -> *.js.zgz, but the manual method works fine and fixes the problem in 10 minutes :-))

Thanks for the hack, it is much appreciated and works fine for me.



I assume someone logged a bug?

[cutigersfan]

I applied this and it works so far on the reguar web mail site. However, there is one problem on the admin site. When I select another account and then click on the "View Mail" button. A new web browser window is opened and tries to connect directly to the server, not the aliased name.

I tried the same hacks in the zimbraAdmin folder, but they didn't seem to work. Neither did using the ?redirect=0 option.

any help is appreciated.

[KevinH]

Quote:

Originally Posted by cutigersfan

I applied this and it works so far on the reguar web mail site. However, there is one problem on the admin site. When I select another account and then click on the "View Mail" button. A new web browser window is opened and tries to connect directly to the server, not the aliased name.

I tried the same hacks in the zimbraAdmin folder, but they didn't seem to work. Neither did using the ?redirect=0 option.

any help is appreciated.

Seems like a bug. Please file it in bugzilla.

[ljm]

?redirect=0 works fine for me for when connecting via http. But the analogous setup with https doesn't work.

This is the apache config on the external-facing web server:
ServerName zimbra-external.example.com:443
ProxyPassReverse / https://zimbra-internal.example.com/
RewriteEngine on
RewriteRule ^/(.*)$ https://zimbra-internal.example.com/$1 [P]

Typing https://zimbra-external.example.com/zimbra/?redirect=0 into the browser serves the login page. But when I enter the username+password, zimbra redirects to zimbra-internal.example.com which isn't visible from the outside world.

I wonder whether I could be doing something wrong. The wierd thing is that the analogous arrangements all work fine over http.

Looking at the SOAP messages which follow the login attempt, the AuthRequest message seems to be ok, but it is followed by this request:

POST https://zimbra-external.example.com:...th/?redirect=0 HTTP/1.1
Referer: https://zimbra-external.example.com/...rect=0&debug=1
Cookie: AjxDebugWinOpen=true; JSESSIONID=B4CAC6F9C8BCE7E1344C6250948FCDF0; ls_last_username=user; ls_last_server=zimbra-external.example.com

authToken=a-big-number&atl=172800000

and here is the response:

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Cache-control: public, max-age=604800, post-check=7200, pre-check=604800
Set-Cookie: ZM_AUTH_TOKEN=a-big-number; Path=/
Location: https://zimbra-internal.example.com:...ail?redirect=0
Content-length: 0
Via: 1.1 zimbra-external.example.com

[KevinH]

What if you try by IP address? Not sure why this would not work for the https.

[ljm]

After bit more poking around ... ?redirect=0 works as expected for me under both http and https when going browser <==> zimbra. It's only browser <==> reverse proxy <==> zimbra that I'm having trouble with https.

Given that my ?redirect=0 problem only relates to https and only with a reverse proxy involved, no doubt my problem relates to the reverse proxy configuration. I'm blowed if I can figure it out. Anyway, with that said...

Yes, even using an IP address in the RewriteRule and ProxyPassReverse lines, the server sends a 302 redirect.

The SOAP request outbound to the reverse proxy:
POST https://zimbra.example.com:443/zimbra/auth/?redirect=0 HTTP/1.1
Host: zimbra.example.com
Referer: https://zimbra.example.com/zimbra/?redirect=0
Cookie: JSESSIONID=2F06A8C02BBD9F40FB5725B75B8952D5; ls_last_username=foo; ls_last_server=zimbra.example.com
Content-length: 195
X-Forwarded-For: 192.168.22.2

authToken=a-big-number

The ssl.conf doing the reverse proxy:
ProxyPassReverse / https://192.168.5.10/
RewriteRule ^/(.*)$ https://192.168.5.10/$1 [P]

The SOAP response from zimbra, coming back via the reverse proxy - note the ip address in the Location header:
HTTP/1.1 302 Moved Temporarily
Date: Sat, 05 Aug 2006 06:29:18 GMT
Server: Apache-Coyote/1.1
Expires: Sat, 12 Aug 2006 06:26:13 GMT
Cache-control: public, max-age=604800, post-check=7200, pre-check=604800
Set-Cookie: ZM_AUTH_TOKEN=a-big-number
Path=/
Location: https://192.168.5.10:443/zimbra/mail?redirect=0
Content-length: 0
Via: 1.1 zimbra.example.com
Content-Type: text/plain