Univention Bugzilla – Bug 38344
Parallel UMC sessions for different ports on the same IP address not possible
Last modified: 2015-11-17 12:12:00 CET
... this is a feature which is needed in the docker environment as different instances are accessed via the same IP address and different ports. This is currently not possible, as one single session cookie is stored for a whole domain.
RFC 6265 states that "cookies for a given host are shared across all the ports on that host": http://tools.ietf.org/html/rfc6265#section-1 The easiest way to deal with this is to implement different cookies for different ports.
I adjusted the cookie names (UMCUsername, UMCSessionID) to the format '*-<port>' if a port is being used for accessing UMC. univention-management-console-frontend (4.1.107-1): r60173 | Bug #38344: Version bump for ucs-container scope r60172 | Bug #38344: allow for parallel UMC sessions on different ports r60161 | Bug #38344: copied ucs-4.0-1/management/univention-management-console-frontend
Just for the records... I did not pay attention to have the system backwards compatible... for the production code, we probably would need this.
(In reply to Alexander Kläser from comment #3) > Just for the records... I did not pay attention to have the system backwards > compatible... for the production code, we probably would need this. For example SingleSignOn is broken if you access UMC via http://fqdn:80/ due to the changes to UMCUsername cookie name.
(In reply to Alexander Kläser from comment #3) > Just for the records... I did not pay attention to have the system backwards > compatible... for the production code, we probably would need this. I tested the old frontend code against the new UMC web server code and vice versa. univention-management-console-frontend (4.1.107-2): r60181 | Bug #38344: ensure backwards compatibility for session cookie handling
(In reply to Florian Best from comment #4) > For example SingleSignOn is broken if you access UMC via http://fqdn:80/ due > to the changes to UMCUsername cookie name. Oops, there were missing calls to lang.hitch() in JavaScript. Fixed, now it seems to work fine (→ umc.tools.renewSession()). univention-management-console-frontend (4.1.107-3): r60188 | Bug #38344: fix errors during UMC SSO request
Please merge the changes to 4.1.
Please merge the changes to UCS 4.1.
(In reply to Stefan Gohmann from comment #8) > Please merge the changes to UCS 4.1. As requested changes have been merged into 4.1 r 63667 Package: univention-management-console-frontend Version: 5.0.22-3.1120.201509150752
Merge and functionality is fine. I added a changelog entry (r64561).
UCS 4.1 has been released: https://docs.software-univention.de/release-notes-4.1-0-en.html https://docs.software-univention.de/release-notes-4.1-0-de.html If this error occurs again, please use "Clone This Bug".