@popbiz opened this Issue on June 19th 2019

Issue listed @ https://forum.matomo.org/t/random-logme-error/33230

Heres the logic I used to implement LogMe ..

  if( ( session_status() !== PHP_SESSION_ACTIVE ) 
   or 
     ( (! isset($_COOKIE['MyCookie'] ) ) or ($_COOKIE['MyMcookie'] != "ok")) )
    {
        require_once 'customLogMein.php';
    }

customLogMein.php---->

$furl = host url; 
$authURL = 'https://sso_login_page_url?retURL='.$furl; 

$userId = "abcd1234";
$hashuserIdPass = hash('md5',$userId);

//Check if cookie is expired else redirect to SSO Logn page
if (! isset( $_COOKIE['MyMcookie'] ) ) { 
    redirect to SSO log in page
}   

/* build new URL with logme data and redirect to it.  */
if  (! isset($_COOKIE[$MyMcookie] ) ) {
    $curURL = $furl;
    $LogmeURL = $curURL.'?module=Login&action=logme&login='.$userId.'&password='.$hashuserIdPass;
    header( 'HTTP/1.0 302 Redirect' ); 
    header( "Location: ".$LogmeURL ); 
    header( "Connection: close" );
    exit;
@tsteur commented on June 20th 2019 Member

Are you using the latest Matomo version? If not, please update. Can you login using the same userid/password?

I tried it, and it works fine for me. Maybe an update fixes the issue or maybe you have an issue with your server or browser. From what you wrote in the forum this looks otherwise rather like an issue on your side.

@popbiz commented on June 24th 2019

Yep.. using the latest Matomo version 3.x .
The issue is : Its erratic . First Login works right 100% of the time.
Its after u have logged in , its on and off ... meaning it may or may not work any next click in the UI [anywhere].. the same may work sometimes and all of sudden it may give error.

@popbiz commented on June 25th 2019

Hi there.. is this something that is being looked at or share the solution for it to work consistently ?
Help is much appreciated!

@tsteur commented on June 26th 2019 Member

I'm unable to reproduce it which makes it a problem. Can you reproduce it when you go into incognito mode and then open the generated URL for module=Login&action=logme&login='.$userId.'&password='.$hashuserIdPass; yourself manually in the browser?
`

@popbiz commented on June 27th 2019

I am not clear on what you are asking.. but i opened the url in incongnitoe mode .. Heres what i see ..
1) Login was successful in first attempt.
2) Clicking in different secitons of the UI worked .
3) Sudden failure when clicking in one section which worked a few clicks before...
4) Below is the url which gave me the "Action 'logme' not found in the module 'Live'" error..

https://website/matomo/index.php?module=CoreHome&action=index&idSite=1&period=day&date=yesterday#?idSite=1&period=day&date=yesterday&category=General_Visitors&subcategory=General_RealTime

@popbiz commented on June 27th 2019

Oh i see what u mean .. let me try ..

@popbiz commented on June 27th 2019

1) https://website:443/matomo/index.php?module=CoreHome&action=index&idSite=1&period=day&date=yesterday

The above url then redirects to my singlesignon and after successful authentication, it redirects back to the below url which is the default Matomo Login screen with an error message..

2) https://website/matomo/index.php?module=CoreHome&action=index&idSite=1&period=day&date=yesterday?module=Login&action=logme&login=userid&password=hashedpassword

3) Error message - Error: You can't access this resource as it requires 'view' access for the website id = 1.

@popbiz commented on June 27th 2019

I also tried the below.. in incognito mode..
1) Logged in and authenticated with the SSO . Was able to load the Landing page of Matomo.
2) on 2nd tab, attempted to load the same using the below url ..
https://website/matomo/index.php?module=CoreHome&action=index&idSite=1&period=day&date=yesterday?module=Login&action=logme&login=userid&password=hashedpassword

gives me "Action 'logme' not found in the module 'CoreHome'"

@tsteur commented on June 28th 2019 Member

Are you using a plugin in Matomo re these SSO redirects?

@popbiz commented on June 28th 2019

No plugin. I am using an externally implemented 3rd party SSO.
I check the availability of a valid cookie from this SSO service . If not available, redirect to SSO and upon return from SSO , hydrate a fresh cookie.
After successful return from SSO, i login to Matomo using the Logme url as share earlier.

@popbiz commented on July 5th 2019

Any news on this thread ? :(

@tsteur commented on July 6th 2019 Member

I can't reproduce the issue. Any chance you send us URL and login to your Matomo to hello at matomo.org? We can maybe have a look.

Powered by GitHub Issue Mirror