Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

Problems with ProxyConnect (not authenticating)

edited December 2010 in Vanilla 2.0 - 2.8
I have a custom application at:
I've installed Vanilla 2.0.16 at:
I've installed Vanilla Proxyconnect 1.8.4, set it as the authentication method, and edited the file per this report
from 1254 if (!$Success) to 1254 if ($Success)
I've setup my custom integration file:
This file returns a blank page if a user is not authenticated with my custom app. And content like this for an authenticated user:
UniqueID=23 Name=Jeremy Anderson

My test process is this:
1. Log out of vanilla forum, and custom app
2. Delete all cookies in browser
3. Visit the Forum, and I'm not signed in
4. Click the "Sign In" link, get forwarded to my application login page, login to my application as the user shown above (23)
5. Visit the Forum, and it does not show me signed in, should I see a dialog box prompting me to create an account?
6. Check the vanauth.php page and it lists the right details
7. Repeat the steps above, but logging in as a a different user, same problem

Suspected problem possibilities:
- HTTPS with a self signed cert
- Cookies: (see image shot 2010-12-15 at 10.02.23 AM.png) Vanilla / Vanilla-Volatile / PHPSESSID /

PHP Version 5.3.0
System Darwin fuxi.local 10.5.0 Darwin Kernel Version 10.5.0: Fri Nov 5 23:20:39 PDT 2010; root:xnu-1504.9.17~1/RELEASE_I386 i386

Apache Version Apache/2.2.12 (Unix) DAV/2 mod_ssl/2.2.12 OpenSSL/0.9.8k PHP/5.3.0 mod_perl/2.0.4 Perl/v5.10.0


  • Options
    i'm guessing the problem is HTTPS - looking at the ProxyRequest() function called by ProxyConnect(), if you don't have curl compiled-in to php then it will use fsockopen() to send a regular http/1.1 request.

    my webserver responds to this with "Bad request".
  • Options
    Check your Apache access.log. If you see lines like:"\x16\x03\x01" 200 5418 then it is most definately an SSL issue. Run a phpinfo(); locally and check that cURL is compiled with the same version of OpenSSL!
  • Options

    I had the same problem when using a self-signed SSL cert in my dev environment. It works fine in prod, where I'm using a Comodo-issued SSL cert.

Sign In or Register to comment.