Bug 38344 – Parallel UMC sessions for different ports on the same IP address not possible

Bug 38344 - Parallel UMC sessions for different ports on the same IP address not possible


Summary:	Parallel UMC sessions for different ports on the same IP address not possible

Status:	CLOSED FIXED

Product:	UCS
Classification:	Unclassified
Component:	Docker
Version:	UCS 4.0
Hardware:	Other Linux

Importance:	P5 normal (vote)
Target Milestone:	UCS 4.1
Assigned To:	Alexander Kramer
QA Contact:	Florian Best

URL:
Keywords:	interim-2

Depends on:
Blocks:	39473 39918
	Show dependency tree / graph

Reported:	2015-04-24 10:40 CEST by Alexander Kläser
Modified:	2015-11-17 12:12 CET (History)
CC List:	2 users (show)

See Also:
What kind of report is it?:	---
What type of bug is this?:	---
Who will be affected by this bug?:	---
How will those affected feel about the bug?:	---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Alexander Kläser

2015-04-24 10:40:51 CEST

... this is a feature which is needed in the docker environment as different instances are accessed via the same IP address and different ports. This is currently not possible, as one single session cookie is stored for a whole domain.

Comment 1 Alexander Kläser

2015-04-24 11:41:51 CEST

RFC 6265 states that "cookies for a given host are shared across all the ports on that host":

  http://tools.ietf.org/html/rfc6265#section-1

The easiest way to deal with this is to implement different cookies for different ports.

Comment 2 Alexander Kläser

2015-04-24 14:35:28 CEST

I adjusted the cookie names (UMCUsername, UMCSessionID) to the format '*-<port>' if a port is being used for accessing UMC.

univention-management-console-frontend (4.1.107-1):
r60173 | Bug #38344: Version bump for ucs-container scope
r60172 | Bug #38344: allow for parallel UMC sessions on different ports
r60161 | Bug #38344: copied ucs-4.0-1/management/univention-management-console-frontend

Comment 3 Alexander Kläser

2015-04-24 15:09:24 CEST

Just for the records... I did not pay attention to have the system backwards compatible... for the production code, we probably would need this.

Comment 4 Florian Best

2015-04-24 15:35:14 CEST

(In reply to Alexander Kläser from comment #3)
> Just for the records... I did not pay attention to have the system backwards
> compatible... for the production code, we probably would need this.
For example SingleSignOn is broken if you access UMC via http://fqdn:80/ due to the changes to UMCUsername cookie name.

Comment 5 Alexander Kläser

2015-04-24 15:49:33 CEST

(In reply to Alexander Kläser from comment #3)
> Just for the records... I did not pay attention to have the system backwards
> compatible... for the production code, we probably would need this.

I tested the old frontend code against the new UMC web server code and vice versa.

univention-management-console-frontend (4.1.107-2):
r60181 | Bug #38344: ensure backwards compatibility for session cookie handling

Comment 6 Alexander Kläser

2015-04-24 16:08:02 CEST

(In reply to Florian Best from comment #4)
> For example SingleSignOn is broken if you access UMC via http://fqdn:80/ due
> to the changes to UMCUsername cookie name.

Oops, there were missing calls to lang.hitch() in JavaScript. Fixed, now it seems to work fine (→ umc.tools.renewSession()).

univention-management-console-frontend (4.1.107-3):
r60188 | Bug #38344: fix errors during UMC SSO request

Comment 7 Stefan Gohmann

2015-08-17 08:53:10 CEST

Please merge the changes to 4.1.

Comment 8 Stefan Gohmann

2015-09-11 06:30:59 CEST

Please merge the changes to UCS 4.1.

Comment 9 Alexander Kramer

2015-09-15 08:01:19 CEST

(In reply to Stefan Gohmann from comment #8)
> Please merge the changes to UCS 4.1.

As requested changes have been merged into 4.1
r 63667
Package: univention-management-console-frontend
Version: 5.0.22-3.1120.201509150752

Comment 10 Florian Best

2015-10-17 20:43:32 CEST

Merge and functionality is fine. I added a changelog entry (r64561).

Comment 11 Stefan Gohmann

2015-11-17 12:12:00 CET

UCS 4.1 has been released:
 https://docs.software-univention.de/release-notes-4.1-0-en.html
 https://docs.software-univention.de/release-notes-4.1-0-de.html

If this error occurs again, please use "Clone This Bug".