Edgewall Software
Modify

Opened 17 years ago

Closed 14 years ago

#6763 closed defect (worksforme)

Sessions broken intermittently for multi-project trac

Reported by: stou@… Owned by: Jonas Borgström
Priority: normal Milestone:
Component: web frontend Version: 0.11.3
Severity: normal Keywords: session authentication verify
Cc: Branch:
Release Notes:
API Changes:
Internal Changes:

Description (last modified by Christian Boos)

My setup is:

  • Trac 0.11b
  • Apache 2.2.8
  • mod_wsgi
  • mod_digest authentication
  • PostgreSQL database

The trac environment is setup for multi-project trac, using os.environ['TRAC_ENV_PARENT_DIR']. All of the projects use the same digest realm, but some of the projects are restricted from viewing by non-authenticated users. At one point it was possible to authenticate in one trac project and go to another and simply click 'login'. Now this works intermittently, sometimes truncating the session table fixes the problem. Sometimes clicking the login link a couple of times will also help.

The apache configuration is nearly identical to: http://code.google.com/p/modwsgi/wiki/IntegrationWithTrac except that my trac sites are under a virtual domain. with WSGIScriptAlias set to '/'.

Attachments (0)

Change History (10)

comment:1 by stou@…, 17 years ago

I sort of solved this by commenting out the following lines in session.py:Session.__init

# if req.incookie.has_key(COOKIE_KEY): # sid = req.incookie[COOKIE_KEY].value # self.promote_session(sid)

It seemed to me that for some reason trac is setting a session cookie, then checking it and disregarding the digest authentication data. I may be suffering from a misconfiguration.

I won't close the ticket because it _may_ be a bug, but I've hacked it on my end.

comment:2 by John Hampton, 17 years ago

Resolution: invalid
Status: newclosed

After a bit of a lengthy discussion, the issue turned out to be a missing AuthDigestDomain in the <LocationMatch> directive providing the authentication.

http://pacopablo.com/irclogs/2008/02/04#T13:49:54

comment:3 by John Hampton, 17 years ago

Resolution: invalid
Status: closedreopened

Appears that the issue isn't currently fixed.

http://pacopablo.com/irclogs/2008/02/04#T13:56:40

comment:4 by Jeroen Ruigrok van der Werven, 17 years ago

I committed a missing db.commit() yesterday to the session.py code, it may be relevant (or not).

comment:5 by Remy Blank, 16 years ago

Keywords: needinfo added

Is this still an issue with 0.11.1?

comment:6 by stou@…, 16 years ago

This is still an issue with 0.11.2-1 again commenting out the req.incookie thing around line 155 of Session.init fixes the problem

else:

#if req.incookie.has_key(COOKIE_KEY): # sid = req.incookie[COOKIE_KEY].value # self.promote_session(sid) self.get_session(req.authname, authenticated=True)

It seems that if COOKIE_KEY is found things don't work right. While testing this whenever I would screw up the code and get a server crash, after fixing the crash it would log me in correctly.

A secondary issue is that I have to click 'login' for it to log me in, it should automatically log me in whenever I visit another trac site from my current set of sites.

comment:7 by stou@…, 16 years ago

Resolution: fixed
Status: reopenedclosed

It seems to have been fixed in 11.3

comment:8 by stou, 16 years ago

Resolution: fixed
Status: closedreopened
Version: 0.11b10.11.3

Sorry, actually it's not fixed with 0.11.3

comment:9 by Christian Boos, 16 years ago

Component: generalweb frontend
Description: modified (diff)
Keywords: session authentication verify added; needinfo removed
Milestone: 0.12.1

Looks hard to troubleshoot short of reproducing your configuration (mod_wsgi, mod_digest, multiple environments sharing the same realm).

comment:10 by Christian Boos, 14 years ago

Milestone: next-minor-0.12.x
Resolution: worksforme
Status: reopenedclosed

Please reopen if someone has a similar issue with recent Trac (in particular, 0.12.2 might have improved things with #9951).

Modify Ticket

Change Properties
Set your email in Preferences
Action
as closed The owner will remain Jonas Borgström.
The resolution will be deleted. Next status will be 'reopened'.
to The owner will be changed from Jonas Borgström to the specified user.

Add Comment


E-mail address and name can be saved in the Preferences .
 
Note: See TracTickets for help on using tickets.