Moodle networking (MNet)

 
 
Picture of Clark Shah-Nelson
Moodle - Mahara - Mahoodle - Can't log in to Moodle
 
So I made it through the entire Mahoodle.pdf document, thought I was all set, and now cannot get back into Moodle, with any account I have on there, nor with accounts on Mahara...

I get this message:
Invalid login, please try again
If you are a Moodle Network remote user and can confirm your email address here, you can be redirected to your login page.

And when I go to confirm my email address, it won't take any of the ones I know are associated with admin account, etc...

Idears?

Thanks,
Clark
 
Average of ratings: -
Picture of Clark Shah-Nelson
Re: Moodle - Mahara - Mahoodle - Can't log in to Moodle
 
Ok, I'm moving into this thread from the 1969 thread...

I upgraded the 1.8 server to 1.9 and still am getting the error:

The requested URL /mahara/auth/mnet/land.php?token=edit&idp=http://www.mysite.com/moodle&wantsurl= does not exist.

I figured I would delete the Network peer and try again, but when I try to delete it, I just get a blank white page and nothing happens, so I can't even delete and try again... Is there a way to do this in the database? I can't find it.

...

Meanwhile, on another 1.9 Moodle server, I got closer - it goes to Mahara but then says "

Sorry, could not log you in sad

Sorry, we could not log you into Mahara at this time. Please tryin again shortly, and if the problem persists, contact your administrator"...

Ayayay... smile

thanks in advance for any idears...
Clark
 
Average of ratings: -
Nigel
Re: Moodle - Mahara - Mahoodle - Can't log in to Moodle
 
On the server you upgraded, you would have needed to change the peer's application type to "Mahara" instead of "Moodle". I'm not sure if you can change an application type after the peer has been created, but you could hunt around on the peer page and see if you can.

On the other server - look in Mahara's server error log (the apache error log that is..), and see if there are any errorrs.
 
Average of ratings: -
Picture of Randy Orwin
Re: Moodle - Mahara - Mahoodle - Can't log in to Moodle
 
I have similar problems with the Mahara/Moodle networking. Let me say that I am running Moodle, Mahara and Drupal on a hostmonster.com account. System configuration is Linux, php 5.2.6 in fastcgi mode, mysql 5.0.45. Everything runs fast and all work well independently. I have set up the networking in both Moodle and Mahara and they both found the public keys just fine. I then created a demo user account in Moodle and logged in. I then click on the Mahara link in the Moodle network servers block and get taken to the Mahara site which returns this error: "Sorry, we could not log you into Mahara at this time. Please tryin again shortly, and if the problem persists, contact your administrator".

Now if I go back to the Moodle site and try and log out I get an internal server error. After digging around a bit, I found that Moodle is writing session information to the mdl_mnet_session table. If I delete the row containing the session information for the demo user then logout works fine. If I don't delete the row then the user is unable to logout at all on any successive logins.

The Mahara
xmlrpc error log shows the following errors:
[27-Jul-2008 18:09:08] [WAR] e2 (api/xmlrpc/client.php:78) An error occurred at the remote server. Code:
[27-Jul-2008 18:09:08] Call stack (most recent first):
[27-Jul-2008 18:09:08] * Client->send("http://mydomain.com/moodle") at /path/to/public_html/mahara/auth/xmlrpc/lib.php:115
[27-Jul-2008 18:09:08] * AuthXmlrpc->request_user_authorise("28312ec78aa71843a0dbf51ab8bc584e4ddbaddc", "http://mydomain.com/moodle") at /path/to/public_html/mahara/auth/xmlrpc/land.php:101
[27-Jul-2008 18:09:08]

I have checked the Mahara database and nothing has been written to the database at all. I have reinstalled and configured everything following the directions in teh Mahoodle document and still get the same errors. Anybody have any idea what is going on. Many thanks in advance!
 
Average of ratings: -
Nigel
Re: Moodle - Mahara - Mahoodle - Can't log in to Moodle
 
There's no error code, which suggests that something went strangely wrong on the Moodle side. Are you able to turn as much debugging information on as you can on the Moodle side and see if you get any errors in the logs?

Note that I've tried to help several people on shared hosting before with networking, and often it seems that curl is somehow broken on them - i.e. curl requests returning nothing at all. Sometimes this is even accompanied by broken Mahara error logs (i.e. only half of the backtrace makes it into the log). That might be the problem in this case, but on the other hand you do have a valid Mahara backtrace there so you might be alright smile

What version of Moodle and Mahara are you using?
 
Average of ratings: -
Picture of Randy Orwin
Re: Moodle - Mahara - Mahoodle - Can't log in to Moodle
 
Thanks Nigel, I will turn on additional logging on the Moodle side and see what happens. I am using Moodle 1.9.2+ and Mahara 1.04.
 
Average of ratings: -
Picture of Randy Orwin
Re: Moodle - Mahara - Mahoodle - Can't log in to Moodle
 
Nigel,

I turned on every kind of logging there is on the Moodle side. No on screen errors and not a single log entry referencing the attempt to authenticate into Mahara other than the records posted in my earlier post. I am truly stumped. Any other suggestions? Thanks for the help.
 
Average of ratings: -
Nigel
Re: Moodle - Mahara - Mahoodle - Can't log in to Moodle
 
Following the MNET codepaths can be a little tricky, but you could try doing that if you know your way around PHP. Sometimes that's the only way to solve such problems...

I'm planning on making a patch that will add a bunch of error detection around the curl stuff. I'll link you to it when it's done - you could apply it and see if you get an error message in the logs.

Hm, looking at the code now... you could go into mnet/xmlrpc/server.php, and just after the second line that says ini_set('display_errors',0); (line 15), you could add ini_set('log_errors', 1); and see if that changes anything.
 
Average of ratings: -
Picture of Randy Orwin
Re: Moodle - Mahara - Mahoodle - Can't log in to Moodle
 
Nigel, once again thanks for all of your work. I turned on the logging in the server.php file and this is what I get in the error log each time I try and connect to mahara:

[Tue Jul 29 08:20:18 2008] [notice] mod_fcgid: call /path/to/public_html/moodle/mnet/xmlrpc/server.php with wrapper /usr/local/cpanel/cgi-sys/fcgiwrapper
[Tue Jul 29 08:20:18 2008] [warn] (104)Connection reset by peer: mod_fcgid: read data from fastcgi server error.
[Tue Jul 29 08:20:18 2008] [error] [client 74.220.215.72] Premature end of script headers: server.php
[Tue Jul 29 08:20:18 2008] [error] [client 74.220.215.72] (13)Permission denied: file permissions deny server access: /path/to/public_html/500.shtml

So, is it a problem with the fastcgi on the server? Given the number of fastcgi errors I turned it off and tried to access the Mahara site once more. Each time I try now I get the following errors:
[Tue Jul 29 08:27:48 2008] [error] [client 74.220.215.72] Premature end of script headers: server.php
[Tue Jul 29 08:27:48 2008] [error] [client 74.220.215.72] (13)Permission denied: file permissions deny server access: /path/to/public_html/500.shtml

Once again, thanks for all the help.
 
Average of ratings: -
Nigel
Re: Moodle - Mahara - Mahoodle - Can't log in to Moodle
 
This is why I hate it when scripts turn error reporting off wink

This page has some information that suggests that server.php might be outputting some error message now, causing those CGI errors. Though display_errors is off, so I can't work out what it might be outputting now...

You might need to put error_log() calls in there to see how far through server.php it's getting before blowing up. E.g.

error_log("made it to line __LINE__");

Put that line in somewhere and move it around until you work out on exactly which line the script seems to end. Then pasted that line (and a few before it) here.
 
Average of ratings: -
Picture of Randy Orwin
Re: Moodle - Mahara - Mahoodle - Can't log in to Moodle
 
Okay, here is what I found using the error log calls, oh I had to change the error_log syntax to error_log("made it to " . __LINE__); in order for it to actually track the line number.

40 // Peek at the message to see if it's an XML-ENC document. If it is, note that
41 // the client connection was encrypted, and strip the xml-encryption and
42 // xml-signature wrappers from the XML-RPC payload
43 if (strpos(substr($HTTP_RAW_POST_DATA, 0, 100), '<encryptedMessage>')) {
44 $MNET_REMOTE_CLIENT->was_encrypted();
45 // Extract the XML-RPC payload from the XML-ENC and XML-SIG wrappers.
46 $payload = mnet_server_strip_wrappers($HTTP_RAW_POST_DATA); (this line is where it crashes)

Once again thanks for all your help!
 
Average of ratings: -
Nigel
Re: Moodle - Mahara - Mahoodle - Can't log in to Moodle
 
Okay - I seem to recall seeing a PHP bug about $HTTP_RAW_POST_DATA not being filled out properly sometimes. Can you please do the following things:

Near the top of the file, there are mentions of this variable:

// PHP 5.2.2: $HTTP_RAW_POST_DATA not populated bug:
// http://bugs.php.net/bug.php?id=41293
if (empty($HTTP_RAW_POST_DATA)) {
 $HTTP_RAW_POST_DATA = file_get_contents('php://input');
}

if (!empty($CFG->mnet_rpcdebug)) {
 trigger_error("HTTP_RAW_POST_DATA");
 trigger_error($HTTP_RAW_POST_DATA);
}

Can you put a couple of lines in just after that:

log_debug("HTTP raw post data:");
log_debug(print_r($HTTP_RAW_POST_DATA, true));

And see what that gives you.

Looking at this raw data might give us a good idea of why it's crashing - I might be able to trace the code for this file from Moodle 1.9.2 from here.

One complication - I'm going on holiday tomorrow ;). I will still be following this thread, though maybe a little slower. I'm as interested in why it's broken as you are!
 
Average of ratings: -
Picture of Randy Orwin
Re: Moodle - Mahara - Mahoodle - Can't log in to Moodle
 
I tried the log_debug function and it threw an error saying that the function couldn't be found so I used the error_log instead. I hope that this will give you what you are looking for. Here is the results from the log file:

</encryptedMessage>
[30-Jul-2008 03:00:23] HTTP raw post data:
[30-Jul-2008 03:00:23] <?xml version="1.0" encoding="iso-8859-1"?>
<encryptedMessage>
<EncryptedData Id="ED" xmlns="http://www.w3.org/2001/04/xmlenc#">
<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#arcfour"/>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:RetrievalMethod URI="#EK" Type="http://www.w3.org/2001/04/xmlenc#EncryptedKey"/>
<ds:KeyName>XMLENC</ds:KeyName>
</ds:KeyInfo>
<CipherData>
<CipherValue>kiDr5/9byUauZqgWrLrugJaQycU7G6aW0PBVM72w17xrljUT very long key was here</CipherValue>
</CipherData>
</EncryptedData>
<EncryptedKey Id="EK" xmlns="http://www.w3.org/2001/04/xmlenc#">
<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:KeyName>SSLKEY</ds:KeyName>
</ds:KeyInfo>
<CipherData>
<CipherValue>p6NTLsCJQxGOoI2ceZ4uJrPFCCZar90pfJ7dsb another long key here but not near as long as the first one</CipherValue>
</CipherData>
<ReferenceList>
<DataReference URI="#ED"/>
</ReferenceList>
<CarriedKeyName>XMLENC</CarriedKeyName>
</EncryptedKey>
<wwwroot>http://mydomain.com/mahara</wwwroot>;
<X1>nothing</X1>
</encryptedMessage>

Nigel, have a great holiday!
 
Average of ratings: -
Nigel
Re: Moodle - Mahara - Mahoodle - Can't log in to Moodle
 
Humm.. that data looks fine... on holiday now so I don't have access to code to check it. But that message is normally what you expect to see, so something else must be busted. Are you 100% sure you have openssl set up properly? Are you hosting on windows?
 
Average of ratings: -
Picture of Randy Orwin
Re: Moodle - Mahara - Mahoodle - Can't log in to Moodle
 
Not sure on the openssl thing as it is a hosted site. It is hosted on Linux though. I will continue to tinker and see what I can find out. I will be installing it on a server of my own as soon as all of our hardware upgrades are completed, so hopefully things will improve on a server that is dedicated to just our stuff. Thanks again.
 
Average of ratings: -
Picture of João Filipe Oliveira
Re: Moodle - Mahara - Mahoodle - Can't log in to Moodle
 
I am hosting in MacOS 10.4. When linking Moodle to Mahara, all is well set until page 26 of Mahoodle.pdf manual. Then, jumping to Mahara drops the above error:

Mahara: Invalid Parameter
A required parameter is missing or malformed

We don't have a record for any host at http://servidormini.local/moodle

As seen, Moodle is passing an adress without the final "/", and my server converts it to the local adress.

In fact, when I try to enter my moodle and I forget the final "/" I the the very same error: the regular adress is replaced by the internal adress. That I can not change, since MacOS appends ".local" to the server name to identify it in local network.

So, I assume a patch is needed in "/auth/mnet/jump.php".
 
Average of ratings: -
Nigel
Re: Moodle - Mahara - Mahoodle - Can't log in to Moodle
 
Hi - you might want to file a bug on the moodle tracker, so the problem isn't forgotten.
 
Average of ratings: -
Picture of João Filipe Oliveira
Re: Moodle - Mahara - Mahoodle - Can't log in to Moodle
 
Well, I'm not sure if this is a bug in Moodle or in Mahara. It could be in "mahara/auth/xmlrpc/land.php". I'm trying to find out before.
 
Average of ratings: -
Picture of João Filipe Oliveira
Re: Moodle - Mahara - Mahoodle - Can't log in to Moodle
 
I dont know php language, but reading some mahara files, I can undersant:

1. The message I'm getting is errnoxmlrcpwwwroot in mahara/auth/xmlrpc (note: position of letters xmlPRC or xmlRCP ? I double checked and is different)

2. Mahara adress is http://xxxx.xxxxxx.edu.pt/mahara/. The moodle server runs on the adress http://xxxx.xxxxx.edu.pt/moodle/, but somewhere in the process this adress is replaced by the local http://servidormini.local/moodle.

3. The adress replacement usualy takes place when in web browser I forget the final "/" in the adress. Calling http://xxxx.xxxxx.edu.pt/moodle I get the web error on the address http://servidormini.local/moodle

Moodle 1.9.2, Mahara 1.0.4, MacOS 10.4.11, MySQL 5.0.27
 
Average of ratings: -
Nigel
Re: Moodle - Mahara - Mahoodle - Can't log in to Moodle
 
Ok - I think I know what the problem is.

Firstly, the language strings are spelt wrong in the language file too, which I have now fixed ;)

Somehow, I think what is happening is that your server does a reverse lookup on the IP address of the Moodle, and converting it to servidormini.local/moodle. Mahara doesn't have an XMLRPC authinstance using that wwwroot, so the error you're seeing confirms this.

So in other words, you need to fix your DNS so that the reverse lookup is the wwwroot of your Moodle. It makes no sense that it reverses to that local URL.
 
Average of ratings: -
Picture of João Filipe Oliveira
Re: Moodle - Mahara - Mahoodle - Can't log in to Moodle
 
But I dont have a DNS server in that machine where both Moodle and Mahara run, and I rely on external DNS servers. So, I can't fix my DNS.

The problem is MacOS X has got his "rendez-vous"/"bonjour" which works like a sort of local DNS, I think, as an entire Mac network can be set each node automaticaly being found based on the "name.local".

http://developer.apple.com/networking/bonjour/index.html

But I think I once had tried to set up a DNS server, but it failed. I sure need to check it!
 
Average of ratings: -
Picture of João Filipe Oliveira
Re: Moodle - Mahara - Mahoodle - Can't log in to Moodle
 
Something very strange is going on: I changed my mac's name to mac.local, but the error message still points to the previous host servidormini.local

In /etc/named.conf and /var/named I have no DNS server configured.

As I rely in external dns server should any firewall other than 80 be open?
 
Average of ratings: -
Nigel
Re: Moodle - Mahara - Mahoodle - Can't log in to Moodle
 
Heh, now you're delving into areas I don't think I can help you so much with. I think I know what the problem is, but I don't know how to solve it on a mac...

Perhaps someone else who has experience with Moodle on macs can step in with some suggestions?
 
Average of ratings: -
Picture of João Filipe Oliveira
Re: Moodle - Mahara - Mahoodle - Can't log in to Moodle
 
Ok, thanks. I'm going to try in a clean Mac install...
 
Average of ratings: -
Picture of João Filipe Oliveira
Re: Moodle - Mahara - Mahoodle - Can't log in to Moodle
 
I found another error, maybe related to the previous. In Mahara I had created a new institution (Mahoodle.pdf page 12), did configure XMLRPC, got Moodle key, and so on.

As I explained, authentication fails. So I tried to delete the new institution I had created, but I got this error message:

Mahara: Site unavailable
A nonrecoverable error occured. This probably means you have encountered a bug in the system

The information is incorrect, since my Mahara site is avaiable, any local user can login and logout.
 
Average of ratings: -
Picture of Penny Leach
Re: Moodle - Mahara - Mahoodle - Can't log in to Moodle
Group Developers
That error message is perhaps misleading, but what is means is whatever specific action you just tried to take (in this case deleting an institution) caused a problem.

It doesn't mean the entire site is unavailable to everyone.
 
Average of ratings: -
Nigel
Re: Moodle - Mahara - Mahoodle - Can't log in to Moodle
 
When you see an error like that, it's always accompanied by a backtrace in the server error log. You can have a look in it to see why it crashed, and then file a bug report against Mahara with that information.
 
Average of ratings: -
Picture of João Filipe Oliveira
Re: Moodle - Mahara - Mahoodle - Can't log in to Moodle
 
In Moodle I erased the key and created a new one. In Mahara I try to aply the new key, but it seems to keep it in cache, I can't force mahara to retrieve the new key, even if I erase the XLMRPC plugin and create a new one. Since the server adress is the same, it uses the previous key.
 
Average of ratings: -
Picture of Dan Marsden
Re: Moodle - Mahara - Mahoodle - Can't log in to Moodle
Group DevelopersGroup Moodle Course Creator Certificate holdersGroup Particularly helpful MoodlersGroup Translators
Hi Randy,

I know this is an old post, but commenting here to help others that might end up with this problem in the future!

I've just been digging around for a while on a hostmonster hosted site that gives the exact same error! - I traced it down to a call to xml_parse which was failing.

then I found this post about a libxml2 bug that wordpress users were working around:
http://blog.hoofoo.net/2009/01/14/wordpress-patch-for-problamatic-libxml2-version/

which relates to this php bug here;
http://bugs.php.net/bug.php?id=45996

Adding the code posted on the wordpress blog to the specific xml_parse call that was failing got a lot further, but xml_parse is used in many places in Moodle, so that would mean adding a workaround for the php bug in every place we call xml_parse. The same would need to be done in Mahara.

The fix for this would be to get hostmonster to install a less buggy version of libxml2 - if they're unable to do this, then you should find a new web host (if you haven't already!)

I do think we should at the least notify Moodle administrators that a buggy version of libxml2 is installed to allow them to resolve it, so I've created MDL-20220 to look at getting this added.

I've also added an FAQ to the Mnet FAQ's detailing this as well:
Moodle_Network_FAQ#I.27ve_set_up_the_keys_and_configured_Moodle_Networking.2C_but_when_I_try_to_SSO_into_Mahara.2C_it_doesn.27t_work

hopefully this saves someone else the time I spent tracking it down!

 
Average of ratings: -
Picture of Randy Orwin
Re: Moodle - Mahara - Mahoodle - Can't log in to Moodle
 
Thanks Dan. I had given up for the time being as I had so many other projects to work on. I read through the bug report and checked the server for the correct versions. It looks like my shared server is running PHP Version 5.2.9 and libxml 2.7.3. Does it need to be libxml2 2.7.3? See the screen shot of my libxml from the phpinfo page:
libxml.pngI have updated my version of Mahara and will try and see if things work as expected some time in the next few days. Thanks again.

Randy
 
Average of ratings: -
Picture of Dan Marsden
Re: Moodle - Mahara - Mahoodle - Can't log in to Moodle
Group DevelopersGroup Moodle Course Creator Certificate holdersGroup Particularly helpful MoodlersGroup Translators
Hi Randy,

yeah - that's what's showing on the account I was playing with too - libxml is correct, it's the version number that has the bug though (2.7.1, 2.7.2 and 2.7.3 seem to have this issue)

I've passed these details onto our client and I expect they will be logging a support ticket with hostmonster about it in the next couple of days - I'll try to post back here if we hear anything from them.

thanks,

Dan
 
Average of ratings: -
Nigel
Re: Moodle - Mahara - Mahoodle - Can't log in to Moodle
 
By the looks of the PHP bug report, the problem might be solvable if PHP is compiled with expat support - even when using the buggy libraries. So that's another option for people to pursue if they can't downgrade (looks like 2.7.3 is the latest libxml at this time).
 
Average of ratings: -
Picture of Dan Marsden
Re: Moodle - Mahara - Mahoodle - Can't log in to Moodle
Group DevelopersGroup Moodle Course Creator Certificate holdersGroup Particularly helpful MoodlersGroup Translators
Just a quick update on Hostmonster...

From what I understand they are currently discussing the possibility of compiling PHP against expat, it will be interesting to see the outcome!

If they don't resolve this, Hostmonster should NOT be used to host your Moodle install, you will have issues in the following areas:

* Moodle Backup (see: MDL-16759 and Backup FAQ)
* HotPot Module (see: MDL-17136)
* Moodle Networking (see: Moodle Network FAQ)

And possibly other areas of Moodle.
 
Average of ratings: -
Picture of David Mudrák
Re: Moodle - Mahara - Mahoodle - Can't log in to Moodle
Group DevelopersGroup Documentation writersGroup Moodle HQGroup Particularly helpful MoodlersGroup Translators

For the record: I was debugging a similar problem today (unable to log in from Moodle 1.9.11 to Mahara 1.3, getting

Curl error: 52: Empty reply from server
 

and tracked the issue down to the xml_parse() in mnet/xmlrpc/xmlparser.php. It was at shared hosting, PHP 5.2.13-pl0-gentoo with libxml 2.7.3. Despite from what is being said in the #45996 at bugs.php.net, this combination of PHP and libxml2 does not seem to work well.

Luckily, the attached patch for the Moodle side worked for me.

Most probably their Moodle server will have other problems wherever xml_parse() is used (course backups etc) but the SSO via MNet was top priority for us.

 
Average of ratings: -
Picture of João Filipe Oliveira
Re: Moodle - Mahara - Mahoodle - Can't log in to Moodle
 
I also tried to delete the Institution created in Mahara, acording to Mahoodle.pdf but was impossible. Then I tried to delete the register in Mysql Form of Mahara database, accessing as root, but it stands still there...
 
Average of ratings: -
Picture of Sasikala P A
Re: Moodle - Mahara - Mahoodle - Can't log in to Moodle
Group Translators
Randy & Nigel,
I'm having the exact problem as Randy Orwin mentioned. Have you managed to get a solution ?

thanks in advance
Sasikala.
 
Average of ratings: -
Nigel
Re: Moodle - Mahara - Mahoodle - Can't log in to Moodle
 
Hi - if that was the error about Moodle not returning any error code for the curl request, then no. This seems to be something to do with some shared hosting setups. The best way to solve this kind of problem is to move to vps or full server hosting, where you have full control over the environment.
 
Average of ratings: -
Picture of Sasikala P A
Re: Moodle - Mahara - Mahoodle - Can't log in to Moodle
Group Translators
Nigel,
Thanks for the update and advice.May be I should talk with my client.

regards
Sasikala
 
Average of ratings: -
Picture of Murad Jamal
can't log into Mahara
 

I face the same problem and same error message when I try to enter Mahara at http://localhost/mahara  mahara server gives me same message :

Sorry, we could not log you into Mahara at this time. Please try again shortly, and if the problem persists, contact your administrator

my environment is as follows:

1) Windows 7 Ultimate

2) Moodle & Mahara are both on local host

3) Zend Server with PHP 5.3 & MySql 5.1

4) both versions of Moodle (1.9.5+) & Mahara (1.1.6) are running without any other problems

5) I have openSSL and libxml (2.7.3) both installed and running on my machine.

6) I finisehd up all required steps (in the mahoodle pdf document) for SSO from Moodle to Mahara and all steps were successfull.

7) Moodle database encoding (utf8_general_ci) & Mahara database encoding (utf8).

8)  sad  the result was the error message I posted above; here is the server log :

-----------------------------------------------------------------------------------------

[07-Oct-2009 13:54:20] [WAR] 59 (C:\Program Files\Zend\Apache2\htdocs\mahara\api\xmlrpc\client.php:115) An error occured while decrypting a message sent by http://localhost/moodle. Unable to authenticate the user.
[07-Oct-2009 13:54:20] Call stack (most recent first):
[07-Oct-2009 13:54:20]   * Client->send("http://localhost/moodle") at C:\Program Files\Zend\Apache2\htdocs\mahara\auth\xmlrpc\lib.php:117
[07-Oct-2009 13:54:20]   * AuthXmlrpc->request_user_authorise("4c8183e7e797d289f2f79596e480b3e52e6b31ac", "http://localhost/moodle") at C:\Program Files\Zend\Apache2\htdocs\mahara\auth\xmlrpc\land.php:95
[07-Oct-2009 13:54:20]

----------------------------------------------------------------------------------------

9) I opened the mentioned above (client.php) file, scrolled down to line # 115 and I found this  try-catch block that is throwing that exception:

-----------------------------------------------------------------------------------------------------

try {

if ($xml->getName() == 'encryptedMessage') {

$payload_encrypted = true; $wwwroot = (string)$xml->wwwroot;

// Strip encryption, using an older code is OK, because we're the client.

// The server is able to respond with the correct key, be we're not

$payload = xmlenc_envelope_strip($xml, true);

}

 

if ($xml->getName() == 'signedMessage') {

$payload_signed = true;

$remote_timestamp = $xml->timestamp;$payload = xmldsig_envelope_strip($xml);

}

}

catch (CryptException $e) { throw new XmlrpcClientException("An error occured while decrypting a message sent by $wwwroot. Unable to authenticate the user.");

}

-----------------------------------------------------------------------------------------------------

then I searched a lot on google, and found out that the problem is caused by a bug in libxml2 php extension accoding to Mr. Dan's post above:

http://moodle.org/mod/forum/discuss.php?d=101459#p577035

 

I tried to downgrade my libxml2.7.3 version to libxml2.6.x, i.e. I grabbed the libxml2.dll file (that belongs to version 2.6) and replaced it with the one located under C:\Program Files\Zend\ZendServer\bin

restarted my Zend Server, still getting the same error.

I really tried everything possible to solve such problem, but without any positive result.

so, I'd be so grateful to enyone  helps me with that.

thank you a million in advance.

 
Average of ratings: -
Picture of Murad Jamal
Re: can't log into Mahara
 
is this forum dead or what ??????????
 
Average of ratings: -
Picture of Dan Marsden
Re: can't log into Mahara
Group DevelopersGroup Moodle Course Creator Certificate holdersGroup Particularly helpful MoodlersGroup Translators
nope - it's just not easy getting mnet to work on a windows machine - you need to have the latest version of Moodle (including the patch I made for win mnet) and the right entry in config.php pointing to your openssl.cnf file.

then on the mahara side you need to have a similar patch in place (as I haven't had time to push the change into Mahara yet) and an entry in the mahara config.php to point to your openssl.cnf file.

unfortunately for you, there aren't many people who've successfully got Mnet to work under windows, and none of us have time right now to help you for free! smile (I've been on leave for the past few weeks, and am just starting to catch up on the deluge of e-mail/Moodle forum posts to read)

give me another week or so to catch up and I'll push some changes into Mahara core that will help!
 
Average of ratings: -
Picture of Murad Jamal
Re: can't log into Mahara
 

Hi Dan,

I applied your patch (MDL-13503 )

on the latest MOODLE install (my moodle is on localhost and not published) so there won't be any hosting errors.

your patch on Moodle solved the problem of the Moodle been unable to locate and open the .cnf file and generate the key, yes the patch solved the problem and Moodle networking can generate the public key without errors. as you refered above, that I have to add the right entry in the config.php file of Moodle to point to the openssl.cnf file, how can i do that exactly ? you didn't mention anything about adding such entry in MDL-13503  ???

And actually, this is not the problem I'm talking about, my problem is with the SSO thing, I can't SSO into MAHARA although I have set up everything according to the mahoodle pdf document, and I detailed my problem on my last post above.

Additionally, I have patched Mahara to enable it to point to the openssl.cnf file and posted the patch at Eduforge #3387 https://eduforge.org/tracker/?group_id=176&atid=739&func=detail&aid=3387

and got Mahara's networking working properly ...

Now, I don't know what's going on with the SSO thing ..

WHY DO I STILL GET THE FOLLOWING ERROR MESSAGE WHEN I SSO INTO MAHARA:

Sorry, we could not log you into Mahara at this time. Please try again shortly, and if the problem persists, contact your administrator

??????????

 
Average of ratings: -
Picture of Murad Jamal
Re: can't log into Mahara
 
[quote]and I detailed my problem on my last post above.[/quote]

 here's a further detail:

I changed the last line in the code snippet of my post above (http://moodle.org/mod/forum/discuss.php?d=101459#p588377) from :

catch (CryptException $e) { throw new XmlrpcClientException("An error occured while decrypting a message sent by $wwwroot. Unable to authenticate the user.");

to  

(CryptException $e) { throw new XmlrpcClientException("An error occured while decrypting a message sent by $wwwroot. Unable to authenticate the user. Message is: " . $e->getMessage()); 

then tried to SSO into mahara, I got the same error message :

Sorry, we could not log you into Mahara at this time. Please try again shortly, and if the problem persists, contact your administrator

I opened the server's error log and found this warning:

[WAR] 1b (C:\Program Files\Zend\Apache2\htdocs\mahara\api\xmlrpc\client.php:115) An error occured while decrypting a message sent by http://localhost/moodle. Unable to authenticate the user. Message is: We know nothing about the key used to encrypt this message 

I went through the code even further, and found out that the  mentioned (C:\Program Files\Zend\Apache2\htdocs\mahara\api\xmlrpc\client.php) file has an include statement at its top for lib.php, opened lib.php, and found the following function that produces the $e->getMessage() output above (i.e. We know nothing about the key used to encrypt this message ):

---------------------------------------------------------------------------

public function openssl_open($data, $key, $oldkeyok=false) {

$payload = '';

$isOpen = openssl_open($data, $payload, $key, $this->keypair['privatekey']);

 

if (!empty($isOpen)) {

return $payload;}

else {

// Decryption failed... let's try our archived keys

$openssl_history = $this->get_history();

foreach($openssl_history as $keyset) {

$keyresource = openssl_pkey_get_private($keyset['keypair_PEM']);

$isOpen = openssl_open($data, $payload, $key, $keyresource);

if ($isOpen) {

// It's an older code, sir, but it checks out

if ($oldkeyok) {return $payload;

}

else {

// We notify the remote host that the key has changed

throw new CryptException($this->keypair['certificate'], 7025);

}

}

}

}

throw new CryptException('We know nothing about the key used to encrypt this message', 7025);

}

---------------------------------------------------------------------------

 

when you have a look at the yellow shadowed line, here is where the server's log message comes from. the description of function openssl_open is : Decrypt some data using our private key and an auxiliary symmetric key

so the function uses the private key $key (which is listed in the parameters list to decrypt the data $data, as far as I can understand from this function, it fails to decrypt the data because the function does not know anything about the key ($key) used to encrypt the data ($data)  i.e. the function cannot understand the key $key structure.

the function openssl_open is being called from another function, and here it is :

-----------------------------------------------------------------------------------------------------------

function xmlenc_envelope_strip(&$xml, $oldkeyok=false) {

$openssl = OpenSslRepo::singleton();

$payload_encrypted = true;

$data = base64_decode($xml->EncryptedData->CipherData->CipherValue);

 $key = base64_decode($xml->EncryptedKey->CipherData->CipherValue);

$payload = ''; // Initialize payload var

$payload = $openssl->openssl_open($data, $key, $oldkeyok);

$xml = parse_payload($payload);

return $payload;

}

----------------------------------------------------------------------------------------------------------

I highlighted the $key line above because I have a doubt that it has a higher importance.

now, i have detailed everything about my problem, any help would be highly appreciated .. thank you a lot

 
Average of ratings: -
Picture of Murad Jamal
Re: can't log into Mahara
 

further info that I've just found:

 I enabled full debugging on Moodle side, then i navigated to : site administration block -> networking -> peers then I chose the Mahara peer (which I've added previously), then from the tabs above I chose "services" ,  at this point the debugger prints 6 lines above the page, the lines are:

----------------------------------------------------------------------------------------------------------------------------------
Warning: openssl_sign() [function.openssl-sign]: supplied key param cannot be coerced into a private key in C:\Program Files\Zend\Apache2\htdocs\moodle\mnet\lib.php on line 172

Warning: openssl_open() [function.openssl-open]: unable to coerce parameter 4 into a private key in C:\Program Files\Zend\Apache2\htdocs\moodle\mnet\xmlrpc\client.php on line 216

Warning: openssl_open() [function.openssl-open]: unable to coerce parameter 4 into a private key in C:\Program Files\Zend\Apache2\htdocs\moodle\mnet\xmlrpc\client.php on line 229

Warning: openssl_open() [function.openssl-open]: unable to coerce parameter 4 into a private key in C:\Program Files\Zend\Apache2\htdocs\moodle\mnet\xmlrpc\client.php on line 229

Warning: openssl_open() [function.openssl-open]: unable to coerce parameter 4 into a private key in C:\Program Files\Zend\Apache2\htdocs\moodle\mnet\xmlrpc\client.php on line 229

Notice: None of our keys could open the payload from host http://localhost/mahara with id 4. in C:\Program Files\Zend\Apache2\htdocs\moodle\mnet\xmlrpc\client.php on line 238
-------------------------------------------------------------------------------------------------------------------------------------

here're lines 163-172 in lib.php :

// If the user hasn't supplied a private key (for example, one of our older, // expired private keys, we get the current default private key and use that.

if ($privatekey == null) {$privatekey = $MNET->get_private_key();}// The '$sig' value below is returned by reference.

// We initialize it first to stop my IDE from complaining.

$sig = '';$bool = openssl_sign($message, $sig, $privatekey); // TODO: On failure?

 

 

and here're lines 212-216 in client.php :

// Initialize payload var

$payload = '';

//                                                                     &$payload

$isOpen = openssl_open(base64_decode($data), $payload, base64_decode($key), $MNET->get_private_key());

 

and here're lines 228-229 in client.php:

$keyresource = openssl_pkey_get_private($keyset['keypair_PEM']); $isOpen = openssl_open(base64_decode($data), $payload, base64_decode($key), $keyresource);

 

and here're lines 237-241 in client.php file:

if (!$isOpen) {

trigger_error("None of our keys could open the payload from host {$mnet_peer->wwwroot} with id {$mnet_peer->id}.");

$this->error[] = '3:No key match'; return false;

}

 

I think these lines will provide extra important information. what do you think ?

 
Average of ratings: -
Picture of Dan Marsden
Re: can't log into Mahara
Group DevelopersGroup Moodle Course Creator Certificate holdersGroup Particularly helpful MoodlersGroup Translators
The FAQ I list in the tracker issue mentions:
http://docs.moodle.org/en/Moodle_Network_FAQ#Moodle_doesn.27t_generate_any_keys_on_the_networking_pages

without setting the path to your openssl.cnf - that patch won't work. you will also need to do the same on the Mahara side.
 
Average of ratings: -
Picture of Murad Jamal
Re: can't log into Mahara
 

Thanx Dan I added the entry on both Mahara and Moodle config files and applied your patch to allow Moodle to generate the public key by opening the cnf file using the config file. now my Mahara generates the public key using the hardcoded path of the cnf file, so i will be waiting for you to update mahara core to allow it to generate the key using a more reliable way (i.e. through $CFG).

but again, Mr. Dan, this is not the main issue, the issue has nothing to do with the keys or with the way how keys are generated, the problem is that Mahara cannot understand Moodle keys, after I clarified my problem in the last 2 posts above, I managed to follow Mr. Nigel scenario to change the keys on both sides:

----------------------------------------------------------

  • On the Moodle, delete the Mahara peer
  • In the moodle database, have a look in the mdl_mnet_host table, and see if there's a Mahara record. If there is, delete it (leave the other records alone)
  • In the mahara database, go to the config table, and delete all the entries that have a name that starts with openssl_. In SQL terms: DELETE FROM config WHERE field LIKE 'openssl_%';
  • In Mahara, visit the networking page in the admin section. That should give you a new key, which you can verify by looking in the config table (some of those openssl_ vars will be back).
  • In Moodle, add the Mahara peer again.


------------------------------------------------------------

but this method didn't change anything.

However, I noticed couple of things when I tried that scenario (Moodle full debugging is turned on and the patched of cnf file applied to Moodle using the $CFG and applied to Mahara by hardcoding the path of cnf file):

 

the first thing:

when I try to delete the entry of Mahara from mdl_mnet_host table (in Moodle database), it will be deleted successfully but the debugger shows the following message at the top of the deletion confirmation page :

---------------------------------------------------------------------------------------------------

Table 'moodle.mdl_mnet_rpc2host' doesn't exist

DELETE FROM mdl_mnet_rpc2host WHERE host_id = '4'

--------------------------------------------------------------------------------------------------- 

 

the second thing:

each time i try to sso into Mahara and get the error message, I return back to Moodle (by pressing the browser's back button) , and at that point when i try to log out, the debugger shows the following lines (which I told you about in my last post above):

--------------------------------------------------------------------------------------------------------------------------

 Warning: openssl_sign() [function.openssl-sign]: supplied key param cannot be coerced into a private key in C:\Program Files\Zend\Apache2\htdocs\moodle\mnet\lib.php on line 172

Warning: openssl_open() [function.openssl-open]: unable to coerce parameter 4 into a private key in C:\Program Files\Zend\Apache2\htdocs\moodle\mnet\xmlrpc\client.php on line 216

Warning: openssl_open() [function.openssl-open]: unable to coerce parameter 4 into a private key in C:\Program Files\Zend\Apache2\htdocs\moodle\mnet\xmlrpc\client.php on line 229

Warning: openssl_open() [function.openssl-open]: unable to coerce parameter 4 into a private key in C:\Program Files\Zend\Apache2\htdocs\moodle\mnet\xmlrpc\client.php on line 229

Warning: openssl_open() [function.openssl-open]: unable to coerce parameter 4 into a private key in C:\Program Files\Zend\Apache2\htdocs\moodle\mnet\xmlrpc\client.php on line 229

Notice: None of our keys could open the payload from host http://localhost/mahara with id 6. in C:\Program Files\Zend\Apache2\htdocs\moodle\mnet\xmlrpc\client.php on line 238

Server side error has occured on host 6: 3:No key match
  • line 1130 of auth\mnet\auth.php: call to debugging()
  • line 1020 of auth\mnet\auth.php: call to auth_plugin_mnet->kill_children()
  • line 2138 of lib\moodlelib.php: call to auth_plugin_mnet->prelogout_hook()
  • line 29 of login\logout.php: call to require_logout()

-------------------------------------------------------------------------------------------------------------------------

and then I log out without other errors by pressing the (continue) button (because the debugger disabled the automatic redirection due to warnings). But if i log in again (with the same user or other user) and I don't attempt to sso into Mahara, after that if i try to log out, the Moodle logs me out successfully without displaying any error. so the above warning lines  shows only when I try to sso into mahara then try to log out from Moodle.

 

the third thing:

After I delete the Mahara peer from Moodle, and then try to SSO into mahara for the first time  I still get the same (famous smile ) error message, then I go back to Moodle, and try to log out the debugger shows the mentioned above warning lines with the following additional notice lines:

-------------------------------------------------------------------------------------------------------------------------------

 Notice: Undefined property: mnet_peer::$application in C:\Program Files\Zend\Apache2\htdocs\moodle\mnet\xmlrpc\client.php on line 127

Notice: Trying to get property of non-object in C:\Program Files\Zend\Apache2\htdocs\moodle\mnet\xmlrpc\client.php on line 127

Server side error has occured on host 5: 7:User with ID 2 attempted to call unauthorised method auth/mnet/auth.php/kill_child on host

-------------------------------------------------------------------------------------------------------------------------------

 I ONLY get this notice only once and after ONLY the first time I try to sso into Mahara and then log out from Moodle; that means, if i log into Moodle again (with the same user or other user), try to sso into Mahara, then return back to Moodle, then log out, I will get only the warning lines mentioned above (at the begining of this post) and i don't get the notice lines.

I hope you got what I mean.

The question is why I still get :

Sorry, we could not log you into Mahara at this time. Please try again shortly, and if the problem persists, contact your administrator

sad

 
Average of ratings: -