Comments (10)
I have also set it up as suitecrm.local
(with an entry in my hosts file to 127.0.0.2
) to see if it would work if I removed the subfolder component of my installation, but it fails with the exact same error. The installer has then create the .htaccess
file in the legacy folder with /legacy/
as the RewriteBase
.
from suitecrm-core.
Here's something of interest, I think.
I always configure all PHP pools with a different session.name
setting. It seems like SuiteCRM's code assumes it's PHPSESSID
in various places. If I change my session.name
setting back to the default session.name = PHPSESSID
, then things start working a lot better 🤔
from suitecrm-core.
We experienced something similar when upgrading Suitecrm from 8.2.4 to 8.4 and php version 7.4 to 8.2.
When trying to display the opportunities list, the graphql would complain about CSRF token, but we could see it was set and working on other list views.
After further investigation we found an error message in our apache log, complaining about memory issues. The php.ini had a limit at 128mb. When raising the limit, the issue was resolved.
Hope it helps!
from suitecrm-core.
Found this issue with a 8.4 fresh install, and also before when upgrading from a 7.4 to a 8.4.
Maybe the problem is in my Apache setup but it seems that the CSRF token is submitted from the browser in a cookie, but not in a request header as expected by SuiteCRM.
So, I have configured Apache to copy the token from the cookie in the header.
SetEnvIf Cookie "(^|;\ *)XSRF-TOKEN=([^;\ ]+)" MyCookieValue=$2
RequestHeader set X-XSRF-TOKEN "%{MyCookieValue}e"
`
And this workaround worked for me.
from suitecrm-core.
@carlitros900 where excactly did you place these commands?
@TwizzX17 I've increased to 256 as well - but without any improvement.
@joho1968 I'm using the standard session config, but still the same problem.
Any other ideas on what to do here?
from suitecrm-core.
I don't really know what got it working, but 8.4.0 is working here now with PHP 8.1.23 on Ubuntu 22.04.LTS.
I have my DocumentRoot set to /var/www/suitecrm/public_html/public
, i.e. the public
folder of SuiteCRM.
The .htaccess
file in the legacy
subfolder has this: RewriteBase /legacy/
from suitecrm-core.
@joho1968 Yes, same setup here - .htaccess is standard then.
Still, if I open URL/api/graphql I get the 403.
Any other ideas what you've changed from the standard?
Did you add any redirect rules?
How do you work with the API?
Just open it in the browser or do you use PHP / Python or anything?
Do you first have to authenticate to retrieve the token? Where is this endpoint and what are the parameters to authenticate?
(Sorry for all the questions - this is just frustratring without documentation from SalesAgility)
from suitecrm-core.
I don't think I've changed anything else. Maybe with the exception of PHP's session handling. I saw that a lot of session files were created, so I installed Redis and configured PHP-FPM like so:
[suitecrm.conf]
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmp
clear_env = yes
php_admin_value[session.save_handler] = redis
php_admin_value[session.save_path] = "tcp://127.0.0.1:6379"
php_admin_value[sys_temp_dir_string] = "/tmp"
[php.ini]
redis.session.locking_enabled=1
redis.session.lock_retries=-1
redis.session.lock_wait_time=10000
[Apache suitecrm.conf]
<IfModule setenvif_module>
SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1
</IfModule>
I'm not using the API. SuiteCRM ran into the issue itself while calling the API. So no external code was part of my problem, only SuiteCRM's internal code.
from suitecrm-core.
@Chris8080 Is in the virtual host in the apache configuración.
Also ha e found the non standard session name issue
from suitecrm-core.
The internal SuiteCRM code works fine for me.
Settings are all more or less standard as well (including PHP sessions).
LAMP stack, fresh VPS, nothing special so far.
My problem is just the GraphQL API.
from suitecrm-core.
Related Issues (20)
- Update scripts deletes files with no warning HOT 1
- Filter using advanced filter date between start date and end date failed HOT 2
- Relate field on Users Module is empty in ListView HOT 1
- Error fiel "amount" - SuiteCRM v. 8.5.1 HOT 3
- Help text not working - SuiteCRM v. 8.5.1
- Document Filenames Not Displaying in Subpanels HOT 1
- Editing related quote from opportunity subpanel gives you are not authorized HOT 3
- Suite Crm 2fa Blank Page Issue HOT 2
- Tasks module - Mass Update is not fully accessible
- Diagnostic Tool broken in latest version
- Improve Cache Clear Speed
- Error updating suiteCRM - Leads and Custom Modules HOT 10
- PHP Fatal error: Uncaught RuntimeException: Unable to create the Doctrine Proxy directory on clean install HOT 4
- SCRAM-SHA-1(-PLUS) + SCRAM-SHA-256(-PLUS) + SCRAM-SHA-512(-PLUS) + SCRAM-SHA3-512(-PLUS) supports
- Validation error when editing a case HOT 5
- Custom module with Many-to_One relationship to Users does not show Users in listview HOT 8
- Upload max size error on install HOT 3
- Error 500 on custom module deployment. HOT 2
- Call list shows Related to field incorrectly if containing letters with accents HOT 1
- Error in the Email Field When Required
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from suitecrm-core.