Log In fail on Zammad

  • Used Zammad version: Version 6.2.0-1706169043.76bdc8b0.jammy
  • Operating system: Linux 22.04
  • Browser + version: Google Chrome

Unfortunately, log in is not possible. The following message is displayed: Could not process your request

Could you provide more info?
The login page shows? How do you log in, built-in users, SSO?

The page shows the following message when I want to log in “Could not process your request”. Login does not work with the admin account and didt work with the user data of the LDAP integration.

From extern the connect via Proxy with Reddoxx.

production.log might be interesting as well.

Had this a few weeks with a customer. The log file contains the exact same message.
Restarting Zammad did help in my case. I additionally also cleared the cache to touble tap

I, [2024-01-29T10:22:29.057400#793-142360] INFO – : Completed 401 Unauthorized in 5ms (Views: 0.1ms | ActiveRecord: 1.1ms | Allocations: 2491)
I, [2024-01-29T10:22:30.056597#797-142000] INFO – : ProcessScheduledJobs running…
I, [2024-01-29T10:22:30.057874#797-142000] INFO – : Running job thread for ‘Check channels.’ (Channel.fetch) status is: sleep
I, [2024-01-29T10:22:30.057924#797-142000] INFO – : Running job thread for ‘Check ‘Channel’ streams.’ (Channel.stream) status is: sleep
I, [2024-01-29T10:22:30.058033#797-142000] INFO – : Running job thread for ‘Generate ‘Session’ data.’ (Sessions.jobs) status is: sleep
I, [2024-01-29T10:22:30.058088#797-142000] INFO – : Running job thread for ‘Process ticket escalations.’ (Ticket.process_escalation) status is: sleep
I, [2024-01-29T10:22:30.058100#797-142000] INFO – : Running job thread for ‘Execute planned jobs.’ (Job.run) status is: sleep
I, [2024-01-29T10:22:40.058320#793-142480] INFO – : Started POST “/api/v1/message_send” for 192.168.16.93 at 2024-01-29 10:22:40 +0000
I, [2024-01-29T10:22:40.060734#797-142000] INFO – : ProcessScheduledJobs running…
I, [2024-01-29T10:22:40.061986#793-142480] INFO – : Processing by LongPollingController#message_send as JSON
I, [2024-01-29T10:22:40.062021#793-142480] INFO – : Parameters: {“data”=>{“event”=>“login”}}
I, [2024-01-29T10:22:40.062285#797-142000] INFO – : Running job thread for ‘Check channels.’ (Channel.fetch) status is: sleep
I, [2024-01-29T10:22:40.062325#797-142000] INFO – : Running job thread for ‘Check ‘Channel’ streams.’ (Channel.stream) status is: sleep
I, [2024-01-29T10:22:40.062417#797-142000] INFO – : Running job thread for ‘Generate ‘Session’ data.’ (Sessions.jobs) status is: sleep
I, [2024-01-29T10:22:40.062470#797-142000] INFO – : Running job thread for ‘Process ticket escalations.’ (Ticket.process_escalation) status is: sleep
I, [2024-01-29T10:22:40.062482#797-142000] INFO – : Running job thread for ‘Execute planned jobs.’ (Job.run) status is: sleep
I, [2024-01-29T10:22:40.066280#793-142480] INFO – : CSRF token verification failed
I, [2024-01-29T10:22:40.066945#793-142480] INFO – : CSRF token verification failed! (Exceptions::NotAuthorized)

Restarting didn’t help.

There is your answer: CSRF token verification failed!

Make sure you’re accessing your Zammad instance with the correct protocol + fqdn.

I can’t log in to check the points. Are there other ways to check the settings?

The documentation has you covered.
https://docs.zammad.org/en/latest/admin/console/zammad-settings.html#fqdn-setting

1 Like

I tested the whole thing again. Login is not possible if the HTTPS protocol is selected under System. But I have to change this because I would like to connect an Office365 account.
Do I have to change the file from the web server?

Don’t know. How does your webserver configuration look like.

<VirtualHost *:80>
    # replace 'localhost' with your fqdn if you want to use zammad from remote
    ServerName 192.168.16.90

    ## don't loose time with IP address lookups
    HostnameLookups Off

    ## needed for named virtual hosts
    UseCanonicalName Off

    ## configures the footer on server-generated documents
    ServerSignature Off

    ProxyRequests Off
    ProxyPreserveHost On

    <Proxy 127.0.0.1:3000>
        Require local
    </Proxy>

    ProxyPass /assets !
    ProxyPass /favicon.ico !
    ProxyPass /apple-touch-icon.png !
    ProxyPass /robots.txt !
    # legacy web socket server
    ProxyPass /ws ws://127.0.0.1:6042/
    # action cable
    ProxyPass /cable ws://127.0.0.1:3000/cable
    ProxyPass / http://127.0.0.1:3000/

    # change this line in an SSO setup
#    RequestHeader unset X-Forwarded-User

    DocumentRoot "/opt/zammad/public"

    <Directory />
        Options FollowSymLinks
        AllowOverride None
    </Directory>

    <Directory "/opt/zammad/public">
        Options FollowSymLinks
        Require all granted
    </Directory>

</VirtualHost>

Well you can hardly use an HTTP based configuration for HTTPs traffic.
There’s your error. Oh and SSO via non HTTPs is… a interesting choice as well.