UI authentication problems (Cookie missing or bad)

I have a Community Edition built from source. I can login into UI, but occasionally it logs me out. And sometimes I can login again right after, sometimes I can’t.
The response is:
Authentication required: handler_send_reauthentication:479 (GSA 22.07.0)
Cookie missing or bad. Please login again.

What I have tried:

  1. use different browsers (chrome, firefox), incognito and usual mode
  2. clear cookies
  3. connect by nginx proxy, connect without proxy by IP and port (192.168.111.111:9392)
  4. set logs level of gsad to maximum (128)
  5. change gsad systemd unit file (/etc/systemd/system/gsad.service), add --timeout=1440 to the ExecStart line

Still have this problem.
The only suspicion I have is VPN (I can’t connect to greenbone server without VPN)
I saw people discuss a similar problem and blame “too large MTU”

Please help me. If too large MTU can be relevant in my case please explain why and how to solve it.

Hi,

this is caused by using nginx as a proxy. See Stuck on Login loop on the Login page - #3 by bricks

1 Like

Unfortunately not. I’m connecting by IP:port bypassing nginx and have the same problem.

This means that the session cookie is not available or has a mismatch. Check the network console in your browser if it is send to gsad. The cookie is named GSAD_SID.

1 Like

In other words problem may be in my browser? I have tried to clear cookies , reload a page and login again. Nothing.

I’m checking developing tools/network in my browser.
There are normal (200) request, Set-Cookie: GSAD_SID=###########; expires=Wed, 07 Feb 2024 ##:##:## GMT; max-age=###; path=/; HTTPonly; SameSite=strict
and a bad one (401), Set-Cookie:
GSAD_SID=0; expires=Wed, 07 Feb 2024 ##:##:## GMT; path=/; HTTPonly; SameSite=strict

It’s somewhere in your http request/response path which includes the browser of course.

That’s the response from gsad. You need to look at the next request to gsad.

That’s the response of gsad if the session id doesn’t match. You need to look at the request for this reponse.

See https://github.com/greenbone/gsa/issues/2973#issuecomment-857582302

2 Likes

I’ve check connection without VPN and problem was solved!
So, any ideas why our VPN (we use cloudflare zero trust) may cause cookies issue?

There are many reasons. Judging simply from it’s name, Cloudflare Zero Trust likely applies various security policies that can include inspecting and filtering HTTP headers. Also, VPNs and load balancers can affect how traffic is routed, potentially causing session persistence issues if the session association is lost. You need to verify the settings with CloudFlare Zero Trust. :slight_smile:

1 Like

And if in doubt: Contacting the support of this provider would be another option.