NSP: Sorry Dave, I can't let you do that
NSP: Sorry Dave, I can't let you do that
I have been having an issue with IE 11.1206.15063.0 update 11.0.75. When logging into Nagios Fusion 4.1.1, I get an error "NSP: Sorry Dave, I can't let you do that".
Login works fine from Chrome or FireFox.
I have tested on multiple machines, verified the date/time is correct, and cleared my cache. I have turned on compatibility mode, but the issue still exists. While attempting to narrow down the issue, I see not problems listed in the files in /usr/local/nagiosfusion/var/log, nor in my /var/log/httpd/ folders.
Nagios Fusion is running on 64bit Red Hat 7.
Login works fine from Chrome or FireFox.
I have tested on multiple machines, verified the date/time is correct, and cleared my cache. I have turned on compatibility mode, but the issue still exists. While attempting to narrow down the issue, I see not problems listed in the files in /usr/local/nagiosfusion/var/log, nor in my /var/log/httpd/ folders.
Nagios Fusion is running on 64bit Red Hat 7.
Re: NSP: Sorry Dave, I can't let you do that
When the login page comes up, a hidden variable called nsp is set in the source code. When credentials from the login page are submitted the nsp variable is included and checked against a php session id. The "Sorry Dave" message occurs if the session id and nsp value don't match. The most common causes for this that I've seen:
-data is incorrect on the client or XI machine
-client browser has login page cached with an old nsp value
-client logged in with https, logged out and then tried to login with http
When I get this error I like to load the page a few times and check the source to verify that the nsp value is actually updating. You may just need a hard refresh in the browser to get this to work again.
Less than ideal but can fix this quickly is just to restart the httpd service with 'service httpd restart'
-data is incorrect on the client or XI machine
-client browser has login page cached with an old nsp value
-client logged in with https, logged out and then tried to login with http
When I get this error I like to load the page a few times and check the source to verify that the nsp value is actually updating. You may just need a hard refresh in the browser to get this to work again.
Less than ideal but can fix this quickly is just to restart the httpd service with 'service httpd restart'
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Re: NSP: Sorry Dave, I can't let you do that
You are correct. The nsp_str is not getting updated.
I don't know if this matters, but the server is setup for TLS communication, and is setup with an alias. We do get different nsp_str values depending on if we go to https://servername/nagiosfusion or if we go to https://alias/nagiosfusion. The string is also different depending on which computer you hit the server from, but it never updates once you get your initial string.
Issue stays despite restarts of the computer, or even going to different computers/servers. I have cleaned my temporary files without success.-data is incorrect on the client or XI machine
A hard refresh of IE does not fix the issue (ctrl + F5), nor does closing IE (verified IE is not running via Task Manager).-client browser has login page cached with an old nsp value
Server is setup to use https, login URL is https, login has never occurred, so we cannot log in, then log out, then attempt another login with http.-client logged in with https, logged out and then tried to login with http
I don't know if this matters, but the server is setup for TLS communication, and is setup with an alias. We do get different nsp_str values depending on if we go to https://servername/nagiosfusion or if we go to https://alias/nagiosfusion. The string is also different depending on which computer you hit the server from, but it never updates once you get your initial string.
Re: NSP: Sorry Dave, I can't let you do that
Testing this again the proper behavior is the string will stay the same but change if there is a successful login or if apache/php generates a new one for the client. Have you tried restarting the httpd service?
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Re: NSP: Sorry Dave, I can't let you do that
Yes, HTTPD was restarted.
Logins will not work with any user in IE. Are there some log files I could look at that may point me to the direction of the issue?
Logins will not work with any user in IE. Are there some log files I could look at that may point me to the direction of the issue?
Re: NSP: Sorry Dave, I can't let you do that
Attached is a new /usr/local/nagiosfusion/html/includes/utils/sessions.inc.php to replace the old one. It will display the two variables that need to match in order to avoid this message. I'm curious to know what the client is submitting and if it is the same value seen in the source.
You do not have the required permissions to view the files attached to this post.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Re: NSP: Sorry Dave, I can't let you do that
From IE:
From Chrome:
Code: Select all
NSP: Sorry David, I can't let you do that
NSP: f2f9211c56fa200cf8994548361b613abadee4031483b8abe13cb219fd3382b4
user_nsp:
Code: Select all
NSP: Sorry David, I can't let you do that
NSP: f3bd4135e883c09cdeb68621681833bf39ffb35ae57da49a84968cb85f7cdc0f
user_nsp: f3bd4135e883c09cdeb68621681833bf39ffb35ae57da49a84968cb85f7cdc0f
Re: NSP: Sorry Dave, I can't let you do that
Interesting. Does the nsp value show up in the POSTd body? Example:
You do not have the required permissions to view the files attached to this post.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Re: NSP: Sorry Dave, I can't let you do that
It does not
You do not have the required permissions to view the files attached to this post.
Re: NSP: Sorry Dave, I can't let you do that
What version of Windows is the client on? I'm having difficulty getting my machine up to IE 11.1206.15063.0 update 11.0.75 for testing and think it may be due to the OS version.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.