Univention Bugzilla – Bug 40994
UMC-Webserver: session timeout sometimes broken
Last modified: 2023-06-09 16:36:31 CEST
Created attachment 7578 [details] patch I experienced now twice and could debug a strange behavior with the session timeout in the UMC-Webserver: Every 30 seconds a login window pops up which tells to reauthenticate. The initial session timeout value is not correctly reset to the initial value (e.g. 500) but to 0 which causes that the newly created session is immediately invalid after login. I don't know how to get into that state, it seems to be a race condition. I think it might be reproduced by having an unanswered-request while the session timeout happens plus doing another request then. Attached is a patch. This seems to be a regression caused by the changes for SAML integration.
Afaics this is somehow triggered by the office365 or google apps for work wizard.
Again: UCS Technical training 2016-08-25 with UCS-4.1-3
*** Bug 44636 has been marked as a duplicate of this bug. ***
Again: UCS Technical Training 2019-10-09 with UCS-4.3-2 Suddenly the session times out (after doing something 30s ago). After that I have to re-authenticate several times until UMC works again.
Just happend twice in a row when browsing the App center on our DC Master. I opened the App center, got asked for my password again, re-entered it, then the message popped up that my session expired and I need to re-login. Did that, got back into the App center and had to login again.
Experienced several times in customer presentation. Seemed to appear only in the App Center. I was logged in via SAML.
Again: UCS Technical Training 2018-11-29 with UCS-4.3-2
Again: UCS Technical training 2019-05-08/09 This happend in my and all 5 trainee environments: - During the installation of an UCS Backup in the background we continued working in the UMC. - Suddenly my session expired and I lost all data already entered in a dialog. - I re-logged-in, re-filled all fields manually an created the 2nd VM - Shortly afterwards the session expired again - this time also for all 5 other trainees. I have not correlated the timing exactly, but it seems to be related to the Backup performing its domain join in the background and starting to provide its SAML service, which seems to invalidate the shared memcache?
could be obsolete by Bug #43633.