scott0830 1 Posted September 24, 2017 Share Posted September 24, 2017 Yesterday I updated to 3.2.32.0 on my Ubuntu 16.04 running Nginx with proxypass box. Now whenever I (or other users) login to the web interface it prompts to enter the credentials. I figured it was just from pushing the update, but anytime you access or refresh the browser (Chrome, FF, Edge) it pushes you to the login screen. I've dumped the cache on the browsers and nothing changes. I even removed all my plugins, restarted the server and still nothing changes. Anyone else experiencing this or have experienced this? Thanks! Link to comment Share on other sites More sharing options...
Luke 37060 Posted September 24, 2017 Share Posted September 24, 2017 Hi, it sounds like browsing data is being cleared. that's the only thing that would cause this. Link to comment Share on other sites More sharing options...
scott0830 1 Posted September 24, 2017 Author Share Posted September 24, 2017 Thats kinda what I was thinking as well. Any ideas as to what could cause this? Link to comment Share on other sites More sharing options...
Luke 37060 Posted September 24, 2017 Share Posted September 24, 2017 The only thing I can think of would be a browser setting or security software you may have configured to clear that out at certain times. Link to comment Share on other sites More sharing options...
SkyBehind 23 Posted September 25, 2017 Share Posted September 25, 2017 I've experienced the same thing since update to 3.2.32.0 Link to comment Share on other sites More sharing options...
pir8radio 1292 Posted September 26, 2017 Share Posted September 26, 2017 are you both using nginx as your reverse proxy? Post that config, leave out your domain name. Link to comment Share on other sites More sharing options...
scott0830 1 Posted September 26, 2017 Author Share Posted September 26, 2017 I'm glad I'm not the only experiencing this, makes me feel better. Here's my config for my proxy pass nginx #proxy for Emby Server location /emby { proxy_pass http://127.0.0.1:8096; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for; proxy_set_header Host $host; proxy_set_header X-Forwarded-Proto $remote_addr; proxy_set_header X-Forwarded-Protocol $scheme; proxy_redirect off; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } Link to comment Share on other sites More sharing options...
Luke 37060 Posted September 26, 2017 Share Posted September 26, 2017 @@pir8radio have you seen this? Link to comment Share on other sites More sharing options...
pir8radio 1292 Posted September 26, 2017 Share Posted September 26, 2017 (edited) I'm glad I'm not the only experiencing this, makes me feel better. Here's my config for my proxy pass nginx #proxy for Emby Server location /emby { proxy_pass http://127.0.0.1:8096; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for; proxy_set_header Host $host; proxy_set_header X-Forwarded-Proto $remote_addr; proxy_set_header X-Forwarded-Protocol $scheme; proxy_redirect off; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } can you post your whole config? include the HTTP and SERVER sections please? If we cant figure it out via your config, you can PM me your server address I can probably spot whats going on, maybe create a temp test account with no real access. Also I don't think you need these lines in your particular setup: proxy_set_header X-Forwarded-Proto $remote_addr; proxy_set_header X-Forwarded-Protocol $scheme; proxy_redirect off; @@pir8radio have you seen this? No not on my server. Edited September 26, 2017 by pir8radio Link to comment Share on other sites More sharing options...
scott0830 1 Posted September 26, 2017 Author Share Posted September 26, 2017 (edited) Sure! I've been using this same config for a year and half, even with those portions you said I shouldn't need (used this as a guide: https://gist.github.com/flip-bs/e2f8453000b3d345777897055c906647 FYI). Haven't experienced any issues with emby until this latest patch and this isn't a major issue IMO just a slight inconvenience. #http redirect server { listen "port"; server_name subdomain.domain.com; root /usr/share/nginx/html; index index.html index.htm; location / { if ($scheme = http) { return 301 https://$server_name$request_uri; } } } # HTTPS server # server { # root services listen "port"; server_name subdomain.domain.com; root /usr/share/nginx/html; index index.html index.htm; #proxy for Emby Server location /emby { proxy_pass http://127.0.0.1:8096; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for; proxy_set_header Host $host; proxy_set_header X-Forwarded-Proto $remote_addr; proxy_set_header X-Forwarded-Protocol $scheme; proxy_redirect off; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } # SSL Stuff ssl on; ssl_certificate /etc/letsencrypt/live/subdomain.domain.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/subdomain.domain.com/privkey.pem; # managed by Certbot add_header Strict-Transport-Security "max-age=31557600; includeSubDomains"; ssl_stapling on; ssl_stapling_verify on; # Your favorite resolver may be used instead of the Google one below resolver 8.8.8.8; ssl_session_timeout 5m; #ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; #ssl_prefer_server_ciphers on; # random seed for TLS. ssl_dhparam /etc/nginx/ssl/dhparams.pem; location ~ /.well-known { allow all; } add_header X-Content-Type-Options "nosniff" always; add_header X-Frame-Options "SAMEORIGIN" always; add_header X-Xss-Protection "1"; #add_header Content-Security-Policy "default-src 'self'; script-src 'self' *.domain.com"; } Edited September 26, 2017 by scott0830 Link to comment Share on other sites More sharing options...
pir8radio 1292 Posted September 26, 2017 Share Posted September 26, 2017 Ok you can remove any of that info from your previous post you want to remain hidden. what happens when you remove the /emby from location /emby { and just make it location / { reload the nginx on that box. Link to comment Share on other sites More sharing options...
scott0830 1 Posted September 26, 2017 Author Share Posted September 26, 2017 I was pretty sure I took out any of the personal stuff out of my the config (now i see i missed my ports). Anyways, I'd prefer not to remove /emby as I have other applications running on that box as well, just cut those out of the config before posting. I can do that and test if I need to though. Link to comment Share on other sites More sharing options...
morpheus65535 3 Posted September 27, 2017 Share Posted September 27, 2017 Got the same problem with Apache reverse proxy: ProxyPass /embywebsocket ws://10.0.0.5:8096/embywebsocket ProxyPassReverse /embywebsocket wss://10.0.0.5:8096/embywebsocket ProxyPass /emby http://10.0.0.5:8096/emby ProxyPassReverse /emby http://10.0.0.5:8096/emby I've using this config for almost 2 years. Link to comment Share on other sites More sharing options...
Solution pir8radio 1292 Posted September 27, 2017 Solution Share Posted September 27, 2017 (edited) I was pretty sure I took out any of the personal stuff out of my the config (now i see i missed my ports). Anyways, I'd prefer not to remove /emby as I have other applications running on that box as well, just cut those out of the config before posting. I can do that and test if I need to though. if you use a sub domain setup XXXX.yourdomain.com you don't need the /emby no matter how many other servers you are running, they should all use different ports. The nginx server contacts the back end servers based on ip:port in your current config. Remove it everything should still work as it does, hopefully without the auto logout. Let us know how it goes. Reverse proxy users, you should always try NOT to use /emby to the back end server if you can. you dont need it if you use a sub domain like emby.yourdomain.com, if you use a SUB DIRECTORY yourdomain.com/emby for the entry address then you can still strip off the /emby before passing the url to the backend server. /emby breaks things, and I bet emby software depreciates it eventually, I wouldn't rely on it, it always creates issues. For subdirectory users that want to learn how to strip the /emby from the backend see this post: https://emby.media/community/index.php?/topic/45351-sync-with-reverse-proxy-not-working-correctly/?p=425907 Edited September 27, 2017 by pir8radio 1 Link to comment Share on other sites More sharing options...
Happy2Play 8281 Posted September 27, 2017 Share Posted September 27, 2017 I see the same issue on a standard Windows install connecting remotely. Sure I can select remember me and avoid the issue but without that option selected, if you refresh in any browser you are bounced to login page. Http and https same results. Link to comment Share on other sites More sharing options...
pir8radio 1292 Posted September 27, 2017 Share Posted September 27, 2017 (edited) I see the same issue on a standard Windows install connecting remotely. Sure I can select remember me and avoid the issue but without that option selected, if you refresh in any browser you are bounced to login page. Http and https same results. Using the /emby url? Didn't it always log you out if you didnt have remember me checked? If not then that is probably the issue.. Edited September 27, 2017 by pir8radio Link to comment Share on other sites More sharing options...
arrbee99 1559 Posted September 27, 2017 Share Posted September 27, 2017 I see the same issue on a standard Windows install connecting remotely. Sure I can select remember me and avoid the issue but without that option selected, if you refresh in any browser you are bounced to login page. Http and https same results. As is this ? https://emby.media/community/index.php?/topic/50662-chrome-thing/ Link to comment Share on other sites More sharing options...
Happy2Play 8281 Posted September 27, 2017 Share Posted September 27, 2017 As is this ? https://emby.media/community/index.php?/topic/50662-chrome-thing/ Yes that issue, but locally it is fine it is only Remote connection (never mentioned in topic). Using the /emby url? Didn't it always log you out if you didnt have remember me checked? If not then that is probably the issue.. Well default connection on at lease Windows via WANIP or DDNS (http://xxxxxxxxxxx.homeserver.com:8096 or http://xxxxxxxx.homeserver.com:8096/emby) get same results. Link to comment Share on other sites More sharing options...
pir8radio 1292 Posted September 27, 2017 Share Posted September 27, 2017 (edited) @@scott0830 Even if there is another underlying issue, I would still setup nginx correctly since you are using a sub domain, and strip the /emby sync, and other app features will work incorrectly otherwise. Edited September 27, 2017 by pir8radio Link to comment Share on other sites More sharing options...
mwongjay 64 Posted September 27, 2017 Share Posted September 27, 2017 I've also not seen this issue with local or remote clients. I use nginx as a reverse proxy for external clients using ssl. I'm on v3.2.32.7. I've posted my nginx config below. location /emby { proxy_pass https://192.168.20.14:8920; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host; proxy_set_header X-Forwarded-Proto $remote_addr; proxy_set_header X-Forwarded-Protocol $scheme; proxy_redirect off; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } Link to comment Share on other sites More sharing options...
scott0830 1 Posted September 27, 2017 Author Share Posted September 27, 2017 @pir8radio I ripped out /emby and that does seem to resolve my logout issue. Thanks for the fix! Thanks for the help! 1 Link to comment Share on other sites More sharing options...
morpheus65535 3 Posted September 27, 2017 Share Posted September 27, 2017 @@pir8radio Removing the /emby in my Apache reverse proxy fixed the problem for my subdomain configuration: ProxyPass /embywebsocket ws://10.0.0.5:8096/embywebsocket ProxyPassReverse /embywebsocket wss://10.0.0.5:8096/embywebsocket ProxyPass /emby http://10.0.0.5:8096 ProxyPassReverse /emby http://10.0.0.5:8096 Thanks! 1 Link to comment Share on other sites More sharing options...
pir8radio 1292 Posted September 27, 2017 Share Posted September 27, 2017 (edited) @@scott0830 @@morpheus65535 Thanks for considering the solution guys, I know it seems strange especially considering it had been working for years... I've always ran into random issues with the /emby I bet its hard for the emby team to maintain that "reverse proxy fix" through all platforms and changes they are doing. But not having it in there provides a little cleaner/transparent reverse proxy setup as well. Edited September 27, 2017 by pir8radio Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now