I am using Koha 3.16.04.000. I am very interested in getting Koha to use OAuth2 for patron login since we use Google Apps for Education. I have two different instances of Koha running, so I have been testing using the one that is not mission critical. I followed the instructions at http://wiki.koha-community.org/wiki/Alternative_OPAC_logins_RFC#Instructions.... The patch applied and so on, and I added the client ID and secret in Koha. But when I navigate to http://koha.theology-vietnam.org/cgi-bin/koha/svc/googleoauth2 I get Error 500. I looked at the most recent output in the Apache error log: [Thu Apr 16 06:42:07 2015] [notice] Graceful restart requested, doing restart PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib/php5/20090626+lfs/curl.so' - /usr/lib/php5/20090626+lfs/curl.so: cannot open shared object f$ PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib/php5/20090626+lfs/ldap.so' - /usr/lib/php5/20090626+lfs/ldap.so: cannot open shared object f$ PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib/php5/20090626+lfs/xmlrpc.so' - /usr/lib/php5/20090626+lfs/xmlrpc.so: cannot open shared obje$ [Thu Apr 16 06:42:08 2015] [notice] Apache/2.2.22 (Ubuntu) PHP/5.3.10-1ubuntu3.17 with Suhosin-Patch configured -- resuming normal operations [Thu Apr 16 11:27:42 2015] [error] an unknown filter was not added: includes I cannot tell much from this (sorry, my server knowledge is patchy). Has anyone gotten this running on Koha 3.16.04? Do I need to make any changes to the patch? Daniel
Daniel Owens schreef op vr 17-04-2015 om 10:13 [+0700]:
I followed the instructions at http://wiki.koha-community.org/wiki/Alternative_OPAC_logins_RFC#Instructions....
Did you do anything else? Because:
PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib/php5/20090626+lfs/curl.so' - /usr/lib/php5/20090626+lfs/curl.so: cannot open shared object f$
These are PHP warnings, and neither the patch nor koha uses PHP. Unless you have a specific need for it, I'd recommend uninstalling PHP from your server (those paths also look weird to me, I suspect they're legacy from a dist-upgrade.) However, I doubt they're your actual problem.
[Thu Apr 16 11:27:42 2015] [error] an unknown filter was not added: includes
This is more likely what the problem is. It suggests you've modified your apache config, possibly modifying/adding an 'AddOutputFilter' directive somewhere? There are probably two solutions to this: * fix the output filter directive to be what you really mean, or if it already is * enable the mod_includes module so that it works. You'll have to work out what the appropriate solution for your case is (don't just go with the easier one though, it might not be the correct one.) <xyphoid> there is a Monkey Island west of invercargill - someone had carved GUYBRUSH THREEPWOOD WAS HERE on the lookout -- Robin Sheat Catalyst IT Ltd. ✆ +64 4 803 2204 GPG: 5FA7 4B49 1E4D CAA4 4C38 8505 77F5 B724 F871 3BDF
Robin, Before I forget, thanks for this tip. I am working through your suggestions. Daniel On 4/20/15 5:37 AM, Robin Sheat wrote:
Daniel Owens schreef op vr 17-04-2015 om 10:13 [+0700]:
I followed the instructions at http://wiki.koha-community.org/wiki/Alternative_OPAC_logins_RFC#Instructions.... Did you do anything else? Because:
PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib/php5/20090626+lfs/curl.so' - /usr/lib/php5/20090626+lfs/curl.so: cannot open shared object f$ These are PHP warnings, and neither the patch nor koha uses PHP. Unless you have a specific need for it, I'd recommend uninstalling PHP from your server (those paths also look weird to me, I suspect they're legacy from a dist-upgrade.) However, I doubt they're your actual problem.
[Thu Apr 16 11:27:42 2015] [error] an unknown filter was not added: includes This is more likely what the problem is. It suggests you've modified your apache config, possibly modifying/adding an 'AddOutputFilter' directive somewhere?
There are probably two solutions to this: * fix the output filter directive to be what you really mean, or if it already is * enable the mod_includes module so that it works.
You'll have to work out what the appropriate solution for your case is (don't just go with the easier one though, it might not be the correct one.) <xyphoid> there is a Monkey Island west of invercargill - someone had carved GUYBRUSH THREEPWOOD WAS HERE on the lookout
On 4/20/15 5:37 AM, Robin Sheat wrote:
Daniel Owens schreef op vr 17-04-2015 om 10:13 [+0700]:
I followed the instructions at http://wiki.koha-community.org/wiki/Alternative_OPAC_logins_RFC#Instructions.... Did you do anything else? Because:
PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib/php5/20090626+lfs/curl.so' - /usr/lib/php5/20090626+lfs/curl.so: cannot open shared object f$ These are PHP warnings, and neither the patch nor koha uses PHP. Unless you have a specific need for it, I'd recommend uninstalling PHP from your server (those paths also look weird to me, I suspect they're legacy from a dist-upgrade.) However, I doubt they're your actual problem. I must have installed phpmyadmin. I have removed the package and its dependencies, and all Apache errors have gone away. [Thu Apr 16 11:27:42 2015] [error] an unknown filter was not added: includes This is more likely what the problem is. It suggests you've modified your apache config, possibly modifying/adding an 'AddOutputFilter' directive somewhere?
There are probably two solutions to this: * fix the output filter directive to be what you really mean, or if it already is * enable the mod_includes module so that it works.
You'll have to work out what the appropriate solution for your case is (don't just go with the easier one though, it might not be the correct one.) <xyphoid> there is a Monkey Island west of invercargill - someone had carved GUYBRUSH THREEPWOOD WAS HERE on the lookout I do not recall modifying any of the mods-enabled files, and nothing in apache2.conf indicates any includes like that.
Furthermore, after a server restart, I see no errors at all in the Apache error log. Does anyone have any further suggestions? Aside from edits to the opac interface that are available from within the Koha Administration interface, about the only thing I have done to modify the original installation is to enable it to be a z39.50 server. Daniel
Daniel Owens schreef op ma 20-04-2015 om 08:22 [+0700]:
I do not recall modifying any of the mods-enabled files, and nothing in apache2.conf indicates any includes like that.
Furthermore, after a server restart, I see no errors at all in the Apache error log.
Then what do you see? How do you know it isn't working? -- Robin Sheat Catalyst IT Ltd. ✆ +64 4 803 2204 GPG: 5FA7 4B49 1E4D CAA4 4C38 8505 77F5 B724 F871 3BDF
On 4/21/15 4:51 AM, Robin Sheat wrote:
Daniel Owens schreef op ma 20-04-2015 om 08:22 [+0700]:
I do not recall modifying any of the mods-enabled files, and nothing in apache2.conf indicates any includes like that.
Furthermore, after a server restart, I see no errors at all in the Apache error log. Then what do you see? How do you know it isn't working?
I get error 500. See http://koha.theology-vietnam.org/cgi-bin/koha/svc/googleoauth2.
Daniel Owens schreef op di 21-04-2015 om 06:13 [+0700]:
I get error 500. See http://koha.theology-vietnam.org/cgi-bin/koha/svc/googleoauth2.
It should be logging somewhere, whether that's in /var/log/koha/instancename/opac-error.log (most likely if you've installed with packages), or somewhere else if not, possibly under /var/log/apache2, but it depends on how you've configured things really. My trick is to tail -F all the log files I can find, and then hit the page that causes the error and see what updates. -- Robin Sheat Catalyst IT Ltd. ✆ +64 4 803 2204 GPG: 5FA7 4B49 1E4D CAA4 4C38 8505 77F5 B724 F871 3BDF
On 4/21/15 6:51 AM, Robin Sheat wrote:
Daniel Owens schreef op di 21-04-2015 om 06:13 [+0700]:
I get error 500. See http://koha.theology-vietnam.org/cgi-bin/koha/svc/googleoauth2. It should be logging somewhere, whether that's in /var/log/koha/instancename/opac-error.log (most likely if you've installed with packages), or somewhere else if not, possibly under /var/log/apache2, but it depends on how you've configured things really.
My trick is to tail -F all the log files I can find, and then hit the page that causes the error and see what updates.
Thanks, I was not aware of that error log. This provided more relevant information than the apache error log: [Tue Apr 21 00:08:29 2015] [error] [client 42.115.194.190] (13)Permission denied: exec of '/usr/share/koha/opac/cgi-bin/opac/svc/googleoauth2' failed [Tue Apr 21 00:08:29 2015] [error] [client 42.115.194.190] Premature end of script headers: googleoauth2 [Tue Apr 21 00:08:37 2015] [error] [client 42.115.194.190] File does not exist: /usr/share/koha/opac/htdocs/opac-tmpl/bootstrap/css/colors.css, referer: http://koha.theology-vietnam.org/cgi-bin/koha/svc/googleoauth2 As I read this, the first error has to do with a permission problem, but I have no idea how to fix it. The second and third seem to suggest something about my configuration or the installation of the patch is not quite right. I will have to look into it when I have a chance. Daniel
Daniel Owens schreef op di 21-04-2015 om 07:15 [+0700]:
As I read this, the first error has to do with a permission problem, but I have no idea how to fix it.
The first two are caused by the same thing: your googleoauth2 file isn't executable. You'll need to chmod +x it.
The second and third seem to suggest something about my configuration or the installation of the patch is not quite right. I will have to look into it when I have a chance.
The third is just the error log side of seeing a 404 error, nothing to worry about right now (though worth fixing in the longer term.) -- Robin Sheat Catalyst IT Ltd. ✆ +64 4 803 2204 GPG: 5FA7 4B49 1E4D CAA4 4C38 8505 77F5 B724 F871 3BDF
On 4/21/15 8:07 AM, Robin Sheat wrote:
Daniel Owens schreef op di 21-04-2015 om 07:15 [+0700]:
As I read this, the first error has to do with a permission problem, but I have no idea how to fix it. The first two are caused by the same thing: your googleoauth2 file isn't executable. You'll need to chmod +x it.
Thanks for this, Robin. You led me to the source of the problem. Chmod helped but then I got another error: [Tue Apr 21 03:40:57 2015] [error] [client 183.81.84.134] (8)Exec format error: exec of '/usr/share/koha/opac/cgi-bin/opac/svc/googleoauth2' failed It turned out that my googleoauth2 file was missing #! /usr/bin/perl in the header, and instead had a partial email address. I am guessing that was due to my own misapplying the patch or something, but if anyone else has this problem, I just fixed the header of the Perl file. Daniel
Daniel Owens schreef op di 21-04-2015 om 10:50 [+0700]:
It turned out that my googleoauth2 file was missing #! /usr/bin/perl in the header, and instead had a partial email address. I am guessing that was due to my own misapplying the patch or something, but if anyone else has this problem, I just fixed the header of the Perl file.
Sweet, hopefully it's all good now :) -- Robin Sheat Catalyst IT Ltd. ✆ +64 4 803 2204 GPG: 5FA7 4B49 1E4D CAA4 4C38 8505 77F5 B724 F871 3BDF
On 4/21/15 12:22 PM, Robin Sheat wrote:
Daniel Owens schreef op di 21-04-2015 om 10:50 [+0700]:
It turned out that my googleoauth2 file was missing #! /usr/bin/perl in the header, and instead had a partial email address. I am guessing that was due to my own misapplying the patch or something, but if anyone else has this problem, I just fixed the header of the Perl file. Sweet, hopefully it's all good now :)
Yes! Thanks for your patient help. Now to get it working on our school's opac. But that should go smoothly since it is the same version of Koha. The one thing I am unclear about is how the redirect url in googleoauth2 is supposed to work. It appears that $host ought to bring in the base url for the opac. It is declared as: my $host = C4::Context->preference('OPACBaseURL'); But then: my $redirecturl = 'http://' . $host . '/cgi-bin/koha/svc/googleoauth2'; Produces an error with Google. I modified it to include the opac base url: my $redirecturl = 'http://' . $host . 'koha.theology-vietnam.org/cgi-bin/koha/svc/googleoauth2'; And that works. Not sure if I have not declared the base url somewhere or what, but my hack at least works. Daniel
participants (2)
-
Daniel Owens -
Robin Sheat