Sitemap controls only working local, not remote

Setup, Configuration and Use Items & Sitemaps
,
1
  • Platform information:
    • Hardware: x64
    • OS: linux debian
    • Java Runtime Environment: 17.0.8
    • openHAB version: 4.0.2

I’ve been running Openhab2 for a long time, very simply setup - just enough to connect to my CBus lighting and control a handful of lights using the habpanel UI on my mobile. I’ve had a renewed enthusiasm and have upgraded to OH4 and am setting up my model properly.

I’m running OH on my linux server which runs a number of services that I expose via an apache2 reverse proxy, all using pretty much the same theme - either docker containers listing http on a non-80 port, or a local installed application listening on a non-80 port (this is what OH is). So https://openhab.mydomain.com is handled by apache including SSL, and forwards the request to the local openhab port (8080).

I’ve connected the android app, specifying local address to be http://192.168.x.x:8080/ and specified my admin username and password. The app gives me a warning to say it’s not secure - not https, but everything works.
The remote server is https://openhab.mydomain.com, same username and password, and when I turn off wifi, the app connects successfully.

If I turn wifi on and go to the Main UI and locations, I can control all my configured lights. Turn off wifi, app reconnects, and everything still works. Happy days.

Now for the problem … I’ve created a basic sitemap which is a single block with 2 controls - one dimmer and one fan speed control just to test. Connected to my local network, everything works fine. But if I turn off wifi and connect remotely, I can navigate the sitemap, and if I make changes to it, those changes are reflected almost immediately. But the controls don’t do anything. Nothing shows in the openhab.log or the events.log.

This is my sitemap:

sitemap home label="Home" {
  Frame label="Upstairs" {
    Text item=loc_master_bedroom label="Master" {
        Slider switchSupport
            item=Master_BR_Downlights_Level_Channel
            label="Downlights"
        Selection
            item=Master_BR_Fan_Level_Channel
            label="Ceiling Fan"
            mappings=[0="Off", 33="Slow", 66="Medium", 100="Fast"]
    }
  }
}

Not sure where I should be looking to figure this out

2

Does the same thing happen using both the Android app and a web browser?

3

Good suggestion.
Same thing happens, but I do get a little more information using a browser. With wifi enabled, I get my sitemap UI, but I get an error message at the bottom:

Offline: waiting for connection to become available

Despite what this message indicates, the controls still work.

If I turn wifi off and refresh, the error message changes to:

SSE subscription failed (401 Unauthorized): running in fallback mode

Also, editing the HAB Panel via mobile browser on wifi works flawlessly, but using a remote connection it partially works. It gives me a Connection lost! Trying to reconnect... message, but I can still navigate, create and edit widgets, but if I try to add a thing, the drop down is empty. Back on wifi, refresh, and it all works again.

Checking my apache logs, it’s throwing 401 unauthorized when I access via internet, but not local.

I went back to the android app and changed the local server to be the same as the remote server (ie, https://openhab.mydomain.com) and it now gives me an error:

Event subscription failed, Widget refresh may be impaired.

When logged in via mobile browser remotely, if I try to make adjustments using the habpanel UI, I see a POST and a GET in the apache logs, but the changes aren’t made.

When logged in via mobile browser remotely, if I try to make adjustments using the sitemap UI, I see a heap of GET returning 401, and no changes are made.

4

OK, so it’s my lack of understanding of the authentication. Silly me assumed that if I created an admin user with a password I could just use that. I had turned implicit user mode off, but turning that back on, and relying only the htpasswd authentication seems to have things working as expected.

Security / authentication does seem to be a little confusing.