Mattermost Peer-to-Peer Forum

Websocket routing error


#1

Hi,

I currently run the latest mattermost on 127.0.0.1:8065 behind nginx with port 443 and ssl enabled…

I get this new error in the log after updating to 3.5.1.

Mattermost seems to be working and everything and i cannot seem to find for any resolution on this issue.

[2016/12/08 14:18:02 CET] [EROR] /api/v3/teams/zn93xbjmujbr9ck3riqamggd1e/channels/k3ydqrxxjig3xc8hzmwf563row/posts/since/1480520388773: code=401 rid=11a4t86oajy3xeicwpztrxgunr uid= ip=62.209.162.5 Invalid or expired session, please login again. [details: UserRequired]
[2016/12/08 14:18:02 CET] [EROR] /api/v3/teams/zn93xbjmujbr9ck3riqamggd1e/channels/: code=401 rid=7mmo8hxqxpfozrnrwet8os5yxa uid= ip=62.209.162.5 Invalid or expired session, please login again. [details: UserRequired]
[2016/12/08 14:18:02 CET] [EROR] websocket routing error: seq=1 uid= api.web_socket_router.not_authenticated.app_error [details: ]

Currently i use CentOS Linux release 7.2.1511 (Core)

Nginx configuration is

server {
listen 443 ssl;
server_name domain.tld
add_header Strict-Transport-Security “max-age=31536000”;

ssl_certificate    certificatefile;
ssl_certificate_key keyfile;


ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;

location / {
  gzip off;
  proxy_set_header X-Forwarded-Ssl on;
  client_max_body_size 50M;
  proxy_set_header Upgrade $http_upgrade;
  proxy_set_header Connection "upgrade";
  proxy_set_header Host $http_host;
  proxy_set_header X-Real-IP $remote_addr;
  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_set_header X-Forwarded-Proto $scheme;
  proxy_set_header X-Frame-Options SAMEORIGIN;
  proxy_pass http://127.0.0.1:8065;
}

}

Any help where to look is very appreciated


#2

Hi @zippit,

Do you have integrations or anything that might be trying to connect to the WebSocket, other than the Mattermost apps?

In Mattermost 3.5 we added the ability to authenticate with the WebSocket by providing a token over the connection, rather than forcing use of headers or cookies to authenticate before connecting. This error will occur when a WebSocket connects but the client does not authenticate within a set period of time.

Hope that helps!


#3

Hello,
I have a similar issue - I just upgraded from 3.3.0 to 3.6.2

[2017/02/06 20:03:09 UTC] [EROR] websocket routing error: seq=1 uid= api.web_socket_router.not_authenticated.app_error [details: ]
[2017/02/06 20:03:09 UTC] [EROR] /api/v3/teams/5nc311cgnjnczcxm1g4hzg8oho/channels/sm9xx78b4jgupj6c1bi41fqpmh/posts/since/1486395590461: code=401 rid=1nfz9rufjirdpx5oopnxnsouje uid= ip= Invalid or expired session, please login again. [details: UserRequired]

Log is full of these entries. Couldn’t be this just about some users left desktop app open before upgrade and now ws are failing, because users are not authenticated?

Thanks for reply

M.