Bug #12489

closed

Cannot login into 2 different Rudder with the same URL - apocalypse ensues

Added by Raphael GAUTHIER over 6 years ago. Updated almost 3 years ago.

Status: Rejected
Priority: N/A
Assignee: -
Category: Security
Target version:
Severity: Major - prevents use of part of Rudder | no simple workaround
UX impact:
User visibility: Infrequent - complex configurations | third party integrations
Effort required: Large
Priority: 10
Name check:
Fix check:
Regression:

Description

Something (not so) funny happened.

I was working on my development platform (localhost/rudder), and I wanted to log in to my test platform (localhost:8381/rudder). Once I logged in to it, strange things started to happen...
I couldn't log out anymore from my dev platform, and I got this error in my Eclipse console:

WARN  net.liftweb.http.LiftRules - Unmapped Lift-like parameter seen in request [/lift/ajax/F1031420927474V324VA-00/]: F1031420927497KWOPVO

So I reloaded the page and fell back on the login form. And from there, I couldn't log in anymore. Each time I tried, I got this error:

WARN  application - Login authentication failed for user 'unknown' from IP '127.0.0.1|X-Forwarded-For:::1': Maximum sessions of 2 for this principal exceeded

I tried to use private mode, or a different navigator, but the error persisted. The only way I found to be able to log in again is to delete the browser cookies, then restart the Jetty server.

However, it works well if I use localhost/rudder for my dev platform and 192.168.XXX.XXX/rudder for my test platform.


Related issues 1 (1 open, 0 closed)

Related to Rudder - Architecture #16051: Re-authentication error in postgres doesn't kill existing pool (New)
Actions #1

Updated by Vincent MEMBRÉ over 6 years ago

  • Target version changed from 4.1.12 to 4.1.13
Actions #2

Updated by Benoît PECCATTE over 6 years ago

  • Target version changed from 4.1.13 to 411
Actions #3

Updated by Benoît PECCATTE over 6 years ago

  • Target version changed from 411 to 4.1.13
Actions #4

Updated by Benoît PECCATTE over 6 years ago

  • Severity set to Critical - prevents main use of Rudder | no workaround | data loss | security
  • User visibility set to Infrequent - complex configurations | third party integrations
  • Priority changed from 0 to 64

This seems to be a developer machine only problem

Actions #5

Updated by François ARMAND over 6 years ago

  • Subject changed from Cannot log in 2 different Rudder with the same URL to Cannot login into 2 different Rudder with the same URL - apocalypse ensues
Actions #6

Updated by Benoît PECCATTE over 6 years ago

Did you try changing the localhost definition in /etc/hosts?

For example using 127.0.0.1 instead of ::1

Actions #7

Updated by Benoît PECCATTE over 6 years ago

  • Severity changed from Critical - prevents main use of Rudder | no workaround | data loss | security to Major - prevents use of part of Rudder | no simple workaround
  • Effort required set to Large
  • Priority changed from 64 to 11
Actions #8

Updated by Vincent MEMBRÉ over 6 years ago

  • Target version changed from 4.1.13 to 4.1.14
Actions #9

Updated by Benoît PECCATTE over 6 years ago

  • Target version changed from 4.1.14 to 4.1.15
  • Priority changed from 11 to 10
Actions #10

Updated by Vincent MEMBRÉ about 6 years ago

  • Target version changed from 4.1.15 to 4.1.16
Actions #11

Updated by Vincent MEMBRÉ about 6 years ago

  • Target version changed from 4.1.16 to 4.1.17
Actions #12

Updated by Vincent MEMBRÉ almost 6 years ago

  • Target version changed from 4.1.17 to 4.1.18
Actions #13

Updated by Vincent MEMBRÉ almost 6 years ago

  • Target version changed from 4.1.18 to 4.1.19
Actions #14

Updated by Alexis Mousset almost 6 years ago

  • Target version changed from 4.1.19 to 4.1.20
  • Priority changed from 10 to 9
Actions #15

Updated by François ARMAND over 5 years ago

  • Target version changed from 4.1.20 to 4.1.21
Actions #16

Updated by Vincent MEMBRÉ over 5 years ago

  • Target version changed from 4.1.21 to 4.1.22
Actions #17

Updated by Vincent MEMBRÉ over 5 years ago

  • Target version changed from 4.1.22 to 4.1.23
Actions #18

Updated by Vincent MEMBRÉ over 5 years ago

  • Target version changed from 4.1.23 to 4.1.24
Actions #19

Updated by Vincent MEMBRÉ over 5 years ago

  • Target version changed from 4.1.24 to 588
Actions #20

Updated by Alexis Mousset over 5 years ago

  • Target version changed from 588 to 5.0.13
Actions #21

Updated by Vincent MEMBRÉ about 5 years ago

  • Target version changed from 5.0.13 to 5.0.14
Actions #22

Updated by Vincent MEMBRÉ about 5 years ago

  • Target version changed from 5.0.14 to 5.0.15
Actions #23

Updated by Elaad FURREEDAN about 5 years ago

  • Related to Architecture #16051: Re-authentication error in postgres doesn't kill existing pool added
Actions #24

Updated by Vincent MEMBRÉ almost 5 years ago

  • Target version changed from 5.0.15 to 5.0.16
Actions #25

Updated by Alexis Mousset almost 5 years ago

  • Target version changed from 5.0.16 to 5.0.17
Actions #26

Updated by Vincent MEMBRÉ over 4 years ago

  • Target version changed from 5.0.17 to 5.0.18
Actions #27

Updated by Vincent MEMBRÉ over 4 years ago

  • Target version changed from 5.0.18 to 5.0.19
Actions #28

Updated by Vincent MEMBRÉ about 4 years ago

  • Target version changed from 5.0.19 to 5.0.20
Actions #29

Updated by Vincent MEMBRÉ about 4 years ago

  • Target version changed from 5.0.20 to 797
Actions #30

Updated by Benoît PECCATTE over 3 years ago

  • Target version changed from 797 to 6.1.14
Actions #31

Updated by Vincent MEMBRÉ over 3 years ago

  • Target version changed from 6.1.14 to 6.1.15
Actions #32

Updated by Vincent MEMBRÉ over 3 years ago

  • Target version changed from 6.1.15 to 6.1.16
Actions #33

Updated by Vincent MEMBRÉ about 3 years ago

  • Target version changed from 6.1.16 to 6.1.17
Actions #34

Updated by Vincent MEMBRÉ about 3 years ago

  • Target version changed from 6.1.17 to 6.1.18
  • Priority changed from 9 to 10
Actions #35

Updated by Vincent MEMBRÉ almost 3 years ago

  • Target version changed from 6.1.18 to 6.1.19
Actions #36

Updated by François ARMAND almost 3 years ago

  • Status changed from New to Rejected

We won't ever correct that. It's a developer-specific issue, which happened just one time. Perhaps it was corrected since then.
If we find other occurrences of that in a more common scenario, we will open another ticket.
