Modify

Opened 4 years ago

Closed 4 months ago

#11038 closed defect (fixed)

Login fails due to issues with opening sibling Trac environments

Reported by: Steffen Hoffmann Owned by: Steffen Hoffmann
Priority: normal Component: AccountManagerPlugin
Severity: normal Keywords: login
Cc: Ryan J Ollos Trac Release: 0.11

Description (last modified by Steffen Hoffmann)

The following issue has been reported to trac-users mailing-list by Mario Fetka:

i get this error when i login to trac that is running via tracd via ajp via apache2.

i get a traceback only when logging in as admin:

File "/usr/lib64/python2.7/site-packages/trac/web/main.py", line 522,
in _dispatch_request
  dispatcher.dispatch(req)
File "/usr/lib64/python2.7/site-packages/trac/web/main.py", line 243,
in dispatch
  resp = chosen_handler.process_request(req)
File "/usr/lib64/python2.7/site-packages/acct_mgr/web_ui.py", line
428, in process_request
  return auth.LoginModule.process_request(self, req)
File "/usr/lib64/python2.7/site-packages/trac/web/auth.py", line 115,
in process_request
  self._do_login(req)
File "/usr/lib64/python2.7/site-packages/acct_mgr/web_ui.py", line
539, in _do_login
  self._distribute_cookie(req, cookie.value)
File "/usr/lib64/python2.7/site-packages/acct_mgr/web_ui.py", line
586, in _distribute_cookie
  env = open_environment(path, use_cache=True)
File "/usr/lib64/python2.7/site-packages/trac/env.py", line 659, in
open_environment
  env = env_cache.setdefault(env_path, open_environment(env_path))
File "/usr/lib64/python2.7/site-packages/trac/env.py", line 665, in
open_environment
  env = Environment(env_path)
File "/usr/lib64/python2.7/site-packages/trac/env.py", line 216, in __init__
  self.verify()
File "/usr/lib64/python2.7/site-packages/trac/env.py", line 319, in verify
  assert fd.read(26) == 'Trac Environment Version 1'

Attachments (0)

Change History (5)

comment:1 Changed 4 years ago by Steffen Hoffmann

Seems like login code related to the recently introduced Single-Sign-On functionality for multiple Trac environments inside a parent directory should be improved to become more robust. Thanks for the report.

comment:2 Changed 4 years ago by Steffen Hoffmann

Description: modified (diff)

comment:3 Changed 4 years ago by Steffen Hoffmann

(In [13015]) AccountManagerPlugin: Improve authentication data distribution, refs #11038.

While aiming at graceful handling of probably failing open_environment() calls I realized some issues, that have been subsequently corrected:

  • acct_mgr.web_ui.LoginModule._get_name_for_cookie: transient configuration changes - not thread-safe
  • acct_mgr.web_ui.LoginModule._get_name_for_cookie: 'req.remote_user' unavailable on regular requests, causing authentication data distribution to fail or update data for persistent sessions with invalid session ID
  • acct_mgr.web_ui.LoginModule._expire_cookie: use of a class attribute as cache across requests - not thread-safe
  • unconditional authentication data distribution attempts: should only act on explicite local configuration of option 'auth_cookie_path'

comment:4 Changed 2 years ago by Steffen Hoffmann

Status: newaccepted

comment:5 Changed 4 months ago by Ryan J Ollos

Resolution: fixed
Status: acceptedclosed

Modify Ticket

Change Properties
Set your email in Preferences
Action
as closed The owner will remain Steffen Hoffmann.
The resolution will be deleted. Next status will be 'reopened'.

Add Comment


E-mail address and name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.