Project

General

Profile

Actions

Bug #23920

closed

Lift Async system is not able to find spring SecurityContextHolder

Added by François ARMAND 11 months ago. Updated 7 months ago.

Status:
Released
Priority:
N/A
Category:
Architecture - Code maintenance
Target version:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
0
Name check:
To do
Fix check:
To do
Regression:
No

Description

In https://github.com/Normation/rudder/pull/5229 I changed the way that CurrentUser was computed and stored in session because it lead to error in several page.

At the time, I supposed it was due to the session fixation prevention process built in spring security, and that lift was trying to use the old (destroyed) session in place of the new one in some context.
That first correction helped, but we still have a problem: in the context of async requests (at least when using lazy-load which uses under the hood AsyncRenderComet.asyncRender), SecurityContextHolder is lost.

I suppose it have to do with the way the session snapshot is done, and perhaps of a similar cause than previously (session moved in the async context?)


Related issues 3 (0 open3 closed)

Related to Rudder - Architecture #23797: Backend evolution for node RBAC: add tenants domain conceptReleasedVincent MEMBRÉActions
Related to Rudder - Bug #24017: Webapp can fail to start with null sessionid error ReleasedFrançois ARMANDActions
Related to Rudder - Bug #24117: Missing policy generation statusReleasedVincent MEMBRÉActions
Actions #1

Updated by François ARMAND 11 months ago

  • Status changed from New to In progress
Actions #2

Updated by François ARMAND 11 months ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from François ARMAND to Vincent MEMBRÉ
  • Pull Request set to https://github.com/Normation/rudder/pull/5267
Actions #3

Updated by Anonymous 11 months ago

  • Status changed from Pending technical review to Pending release
Actions #4

Updated by François ARMAND 10 months ago

  • Related to Bug #5229: ncf-api needs to adjust permissions on .git added
Actions #5

Updated by François ARMAND 10 months ago

  • Related to deleted (Bug #5229: ncf-api needs to adjust permissions on .git )
Actions #6

Updated by François ARMAND 10 months ago

  • Related to Architecture #23797: Backend evolution for node RBAC: add tenants domain concept added
Actions #7

Updated by François ARMAND 10 months ago

  • Related to Bug #24017: Webapp can fail to start with null sessionid error added
Actions #8

Updated by François ARMAND 9 months ago

  • Related to Bug #24117: Missing policy generation status added
Actions #9

Updated by Vincent MEMBRÉ 7 months ago

  • Status changed from Pending release to Released

This bug has been fixed in Rudder 8.1.0~alpha1 which was released today.

Actions

Also available in: Atom PDF