First Last Prev Next    This bug is not in your last search results.
Bug 46574 - App installation loses session when logged in with Single Sign-On
App installation loses session when logged in with Single Sign-On
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: App Center
UCS 4.3
Other Linux
: P5 normal (vote)
: UCS 4.3
Assigned To: Dirk Wiesenthal
Erik Damrose
: interim-4
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2018-03-09 15:44 CET by Erik Damrose
Modified: 2019-03-01 21:09 CET (History)
3 users (show)

See Also:
What kind of report is it?: Bug Report
What type of bug is this?: 5: Major Usability: Impairs usability in key scenarios
Who will be affected by this bug?: 2: Will only affect a few installed domains
How will those affected feel about the bug?: 4: A User would return the product
User Pain: 0.229
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Erik Damrose univentionstaff 2018-03-09 15:44:42 CET 
UCS 4.3, DVD install, public App Center. Installing Etherpad.

Logged in via saml:
09.03.18 15:32:21.827  MAIN        ( PROCESS ) : auth_type='SAML'

I get asked for the Administrator password when opening an App in the UMC module, as expected. App installation is started, but is not finished. I receive the following traceback.

09.03.18 15:34:42.199  MAIN        ( PROCESS ) : CPCommand (10.200.29.68:50472) response status code: 401
09.03.18 15:34:42.199  MAIN        ( PROCESS ) : CPCommand (10.200.29.68:50472) response message: Diese Aktion erfordert die Eingabe Ihres Passwortes.
09.03.18 15:34:42.199  MAIN        ( PROCESS ) : CPCommand (10.200.29.68:50472) response result: {'password_required': True}
09.03.18 15:34:42.199  MAIN        ( PROCESS ) : CPCommand (10.200.29.68:50472) response error: {'traceback': None, 'command': 'sync_ldap'}
09.03.18 15:34:51.677  MAIN        ( PROCESS ) : SessionClient(0x7f99dc163510): _authenticated: success=True  status=200  message=None
09.03.18 15:34:51.677  MAIN        ( PROCESS ) : auth_type=None
09.03.18 15:37:26.733  MAIN        ( ERROR   ) : Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/cherrypy/_cprequest.py", line 670, in respond
    response.body = self.handler()
  File "/usr/lib/python2.7/dist-packages/cherrypy/lib/encoding.py", line 217, in __call__
    self.body = self.oldhandler(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/cherrypy/_cpdispatch.py", line 61, in __call__
    return self.callable(*self.args, **self.kwargs)
  File "/usr/sbin/univention-management-console-web-server", line 762, in default
    return self.get_response(self.create_sessionid(), path, self.get_arguments(kwargs))
  File "/usr/sbin/univention-management-console-web-server", line 916, in get_response
    response = super(CPCommand, self).get_response(sessionid, path, args)
  File "/usr/sbin/univention-management-console-web-server", line 790, in get_response
    auth.body = {'username': user.username, 'password': user.saml.message if user.saml else user.password, 'auth_type': "SAML" if user.saml else None}
AttributeError: 'NoneType' object has no attribute 'username'

No relevant log entires in appcenter.log or m-c-m-appcenter.log at 15:37. If i reopen the app center module, the app is shown as installed. The docker container is running, but i cannot access the webinterface.
Comment 1 Dirk Wiesenthal univentionstaff 2018-03-09 17:32:36 CET 
First results:
1) Not yet reproducable. Might be a problem with a lost session, but it does not always happen.
2) App installation did not abort, the UMC just lost the connection. After a while, Etherpad is up and running
Comment 2 Erik Damrose univentionstaff 2018-03-09 17:48:36 CET 
Jürn had a suggestion to look at the timestamp when the password was entered. 'auth type None' seems suspicious...

m-c-m-appcenter.log:

09.03.18 15:34:42.198  MODULE      ( PROCESS ) : Diese Aktion erfordert die Eingabe Ihres Passwortes.
09.03.18 15:34:51.676  MODULE      ( PROCESS ) : Setting auth type to None
Comment 3 Dirk Wiesenthal univentionstaff 2018-03-12 17:02:55 CET 
Improved in
  univention-management-console 10.0.4-4A~4.3.0.201803121702
Comment 4 Dirk Wiesenthal univentionstaff 2018-03-12 17:36:27 CET 
This traceback was introduced by a change in Bug#44068. But I do think that lost sessions were a problem before and after the commit.

I could reproduce this behaviour twice now. Interestingly, only with Etherpad. This seems odd, as the Docker App should not interfere with anything UMC related.

The second time with the patch, I was asked again for the password. Nothing in the logs tells me why. So we still lose the progress bar; the installation finishes without the user. But at least no traceback...
Comment 5 Erik Damrose univentionstaff 2018-03-12 18:14:39 CET 
OK: Traceback is gone. In my test, the popup to reenter the password came after the app installation finished.

I am not very happy with this chain of bugs that merely put one band aid on top of another. Here, we hide the traceback. The referenced Bug#44068 is verified with "The original problem from the Bug description is not addressed with this fix." But it seems to hold for now, so... verified
Comment 6 Stefan Gohmann univentionstaff 2018-03-14 14:38:21 CET 
UCS 4.3 has been released:
 https://docs.software-univention.de/release-notes-4.3-0-en.html
 https://docs.software-univention.de/release-notes-4.3-0-de.html

If this error occurs again, please use "Clone This Bug".
First Last Prev Next    This bug is not in your last search results.