This morning applied batch of module updates (see below for details).
Now when I log into the ARI interface and click on any link (e.g. “Voicemail”, “Call Monitor”, etc) I get bounced back to the login page. The “ARI” cookie still exists so I assume that I am still actually logged in but I am being treated as an unauthenticated user. Has anyone else encountered this issue?
I just installed all the new modules and the ARI is working fine on my machine.
Things you can check:
Are you using PHP with Suhosin (check PHP Info page under Tools tab in FreePBX left side menu)? - this can cause all sorts of problems
Does your session file get removed on the server or is your PHP session timer extremely short? - sometimes session files are stored in temp directories that get cleaned up by cron jobs. If your session file goes away, your ARI can have unexpected issues.
Do you log into multiple ARI servers or did you change the name of your ARI server? - Each server will create a different cookie. They may all look the same, but only the one created by that server can be used to login. Also, you may have an old password cookie from another server, but not have one for the server you are trying to log into.
When I log in to the ARI, I try to delete a VM. I flip back instantly to the login page. I checked for Suhosin in PHPinfo, and I have no cron jobs running to terminate sessions. Tried with Firefox and Chrome. One ARI server. Not sure when this happened, but I am on 2.5.1.1.
Does your session file get removed on the server or is your PHP session timer extremely short? - sometimes session files are stored in temp directories that get cleaned up by cron jobs. If your session file goes away, your ARI can have unexpected issues.
in my php.ini session.cookie_lifetime = 0 … So in theory the session should persist as long as the browser window is open … although now that you mention it when I look in /var/lib/php/session I don’t see a file that corresponds to the session id in the AI cookie… but I can go to recordings/index.php and see the authenticated user interface even though it looks like I am not logged in when I click on a link to get somewhere… I also run the Avantfax web app on the same box as a separate virtual host and I am noticing similar behavior… which leads me to believe that the problem is at the PHP/httpd level… but I haven’t modified any configs, I just updated the modules I mentioned in my original posting… sigh guess I have to dig a bit more… just posting this to update
Do you log into multiple ARI servers or did you change the name of your ARI server? - Each server will create a different cookie. They may all look the same, but only the one created by that server can be used to login. Also, you may have an old password cookie from another server, but not have one for the server you are trying to log into.
You know it finally occurred to me that the session cookie was being issued but the corresponding session file was not created in the /var/lib/php/session directory… then I checked the permissions on said directory and realized they had somehow changed to root:apache when they should in fact be asterisk:asterisk …
I ran
chown asterisk:asterisk /var/lib/php/session
and the issue is resolved … and then I slapped my forehead and realized that I ran a yum -y update yesterday … so at this point not sure whether yum screwed up the permissions or if the module update was the culprit but modifying the permissions appropriately resolves the issue for me
The ARI module doesn’t modify any permissions, so that couldn’t have caused the problem. However, yum update, especially with certain distros’ repositories, has been notorious for causing permissions issues with FreePBX.
