Status code upon login failures is not 401



  • Hello everyone,

    Upon log file analysis I observed that entering incorrect passwords / usernames does not result in a 401 response code in the NGINX/Apache2 log file, but only a 200 with a verbal “Logon failed. Please verify your credentials and try again”.

    When entering a wrong password, my reverse proxy receives from the webapp:
    AAA.BBB.CCC.EEE - - [11/Apr/2020:12:56:16 +0200] "POST /webapp/?logon HTTP/1.1" 200 3096 "https://XXX/webapp/?logon" "Mozilla/5.0 (Linux; Android 7.0; DEVICENAME) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.xxx.xxx.xxx Safari/537.36"

    Looking into the WebAPP Apache2 access log states:
    AAA.BBB.CCC.EEE - - [11/Apr/2020:12:56:16 +0200] "POST /webapp/?logon HTTP/1.1" 200 3550 "https://XXX/webapp/?logon" "Mozilla/5.0 (Linux; Android 7.0; DEVICENAME) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.xxx.xxx.xxx Safari/537.36"

    Looking into the WebAPP Apache2 error log reveals:
    [Sat Apr 11 12:56:16.087556 2020] [:error] [pid 22604] [client AAA.BBB.CCC.EEE:49738] Kopano WebApp user: username@XXX.de: authentication failure at MAPI, referer: https://XXX/webapp/?logon

    Anyone else observing this? This causes some problems when establishing security mechanisms like fail2ban, …

    All involved servers are:
    Description: Debian GNU/Linux 9.12 (stretch)
    Release: 9.12
    Codename: stretch
    WebApp: 3.5.14.2539+111.1
    Kopano Core: 8.7.9

    I appreciate any help.
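
The error-log line quoted in the post above carries both the client address and the failure text, so failed logons can be counted from it even though the access log only shows 200. The following is an added example, not part of the original post and not Kopano or fail2ban code, that parses that line format and flags addresses with repeated failures; the addresses, users, thresholds and function names are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Anchored at line start so the address comes from the prefix Apache writes,
# never from the user-supplied login name that appears later in the line.
FAIL_RE = re.compile(
    r"^\[(?P<ts>[^\]]+)\] \[:error\] \[pid \d+\] "
    r"\[client (?P<ip>[0-9A-Fa-f:.]+):\d+\] "
    r"Kopano WebApp user: (?P<user>.*?): authentication failure at MAPI")

def parse_failure(line):
    """Return (timestamp, client_ip, user) for a failed logon, else None."""
    m = FAIL_RE.match(line)
    if m is None:
        return None
    ts = datetime.strptime(m["ts"], "%a %b %d %H:%M:%S.%f %Y")
    return ts, m["ip"], m["user"]

def offenders(lines, max_retry=3, find_time=timedelta(minutes=10)):
    """IPs with at least max_retry failures inside one find_time window.
    Assumes lines are in chronological order, as in a log file."""
    recent, flagged = defaultdict(list), set()
    for line in lines:
        hit = parse_failure(line)
        if hit is None:
            continue
        ts, ip, _user = hit
        recent[ip] = [t for t in recent[ip] if ts - t <= find_time] + [ts]
        if len(recent[ip]) >= max_retry:
            flagged.add(ip)
    return flagged

# Constructed sample input (documentation addresses, made-up users).
_T = ("[Sat Apr 11 12:{t}.087556 2020] [:error] [pid 22604] [client {ip}:49738] "
      "Kopano WebApp user: {user}: authentication failure at MAPI, "
      "referer: https://mail.example.org/webapp/?logon")
SAMPLE = [
    _T.format(t="56:16", ip="192.0.2.10", user="alice@example.org"),
    _T.format(t="56:40", ip="192.0.2.10", user="bob@example.org"),
    # Login name that imitates a client field; must not change the counted IP.
    _T.format(t="57:02", ip="192.0.2.10", user="x [client 203.0.113.99:1] y"),
    _T.format(t="58:00", ip="198.51.100.7", user="carol@example.org"),
    # Access-log line for the same kind of request: status 200, so no signal here.
    '192.0.2.10 - - [11/Apr/2020:12:56:16 +0200] "POST /webapp/?logon HTTP/1.1" 200 3096',
]

if __name__ == "__main__":
    print(sorted(offenders(SAMPLE)))
```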



  • Hi,

    no one experiencing this problem?

    Best

