Project

General

Profile

Actions

Bug #25123

closed

Authentication happens twice with same session id

Added by Clark ANDRIANASOLO 6 months ago. Updated 3 months ago.

Status:
Released
Priority:
N/A
Category:
Security
Target version:
Severity:
Minor - inconvenience | misleading | easy workaround
UX impact:
I was bothered the first time
User visibility:
First impressions of Rudder
Effort required:
Small
Priority:
95
Name check:
To do
Fix check:
Checked
Regression:
No

Description

When logging in as a Rudder user, I successfully log in but I see an error log about a database unique constraint violation error on (userid, sessionid) from the UserRepository#logStartSession method :

2024-07-09 13:26:03+0000 INFO  application - Rudder authentication attempt for principal 'admin' with backend 'file': success
2024-07-09 13:26:03.351:WARN :oejs.HttpChannel:qtp125622176-20: /rudder/j_spring_security_check
Exception in thread "zio-fiber-1175" com.normation.errors$SystemError: SystemError(Error when saving session 'node06kqmzsp107cm1ezn7dr0uf1tw2' info for user 'admin',org.postgresql.util.PSQLException: ERROR: duplicate key value violates unique constraint "usersessions_pkey"|  Detail: Key (userid, sessionid)=(admin, node06kqmzsp107cm1ezn7dr0uf1tw2) already exists.)|?at zio.interop.ZioMonadErrorE.raiseError.trace(cats.scala:628)|?at cats.Monad.map(Monad.scala:35)|?at zio.interop.ZioMonadError.tailRecM.loop(cats.scala:604)|?at cats.Monad.map(Monad.scala:35)|?at zio.interop.ZioMonadError.tailRecM.loop(cats.scala:604)|?at cats.Monad.map(Monad.scala:35)|?at zio.interop.ZioMonadError.tailRecM.loop(cats.scala:604)|?at cats.Monad.map(Monad.scala:35)|?at zio.interop.ZioMonadError.tailRecM.loop(cats.scala:604)|?at cats.Monad.map(Monad.scala:35)|?at zio.interop.ZioMonadError.tailRecM.loop(cats.scala:604)|?at cats.free.Free.foldMap(Free.scala:166)|?at zio.interop.ZioMonadError.tailRecM.loop(cats.scala:604)|?at cats.effect.kernel.Resource.fold(Resource.scala:173)|?at com.normation.rudder.db.Doobie.transactIOResult(Doobie.scala:93)|?at com.normation.rudder.users.JdbcUserRepository.logStartSession(UserRepository.scala:622)|?at com.normation.zio.ZioRuntime.unsafeRun(ZioCommons.scala:445)
    at zio.interop.ZioMonadErrorE.raiseError.trace(cats.scala:628)
    at cats.Monad.map(Monad.scala:35)
    at zio.interop.ZioMonadError.tailRecM.loop(cats.scala:604)
    at cats.Monad.map(Monad.scala:35)
    at zio.interop.ZioMonadError.tailRecM.loop(cats.scala:604)
    at cats.Monad.map(Monad.scala:35)
    at zio.interop.ZioMonadError.tailRecM.loop(cats.scala:604)
    at cats.Monad.map(Monad.scala:35)
    at zio.interop.ZioMonadError.tailRecM.loop(cats.scala:604)
    at cats.Monad.map(Monad.scala:35)
    at zio.interop.ZioMonadError.tailRecM.loop(cats.scala:604)
    at cats.free.Free.foldMap(Free.scala:166)
    at zio.interop.ZioMonadError.tailRecM.loop(cats.scala:604)
    at cats.effect.kernel.Resource.fold(Resource.scala:173)
    at com.normation.rudder.db.Doobie.transactIOResult(Doobie.scala:93)
    at com.normation.rudder.users.JdbcUserRepository.logStartSession(UserRepository.scala:622)
    at com.normation.zio.ZioRuntime.unsafeRun(ZioCommons.scala:445)
2024-07-09 13:26:10+0000 INFO  application - Rudder authentication attempt for principal 'admin' with backend 'file': success

The database error suggests that we are executing the authenticate method twice with the same context (session and user).

We would like to know in which cases this happens, and at least avoid throwing this error.


Related issues 1 (0 open1 closed)

Related to Rudder - Bug #24017: Webapp can fail to start with null sessionid error ReleasedFrançois ARMANDActions
Actions #1

Updated by Clark ANDRIANASOLO 6 months ago

  • Related to Bug #24017: Webapp can fail to start with null sessionid error added
Actions #2

Updated by Clark ANDRIANASOLO 6 months ago

  • Description updated (diff)
Actions #3

Updated by Clark ANDRIANASOLO 6 months ago

  • File deleted (clipboard-202407091608-isen3.png)
Actions #4

Updated by Clark ANDRIANASOLO 6 months ago

  • Description updated (diff)
Actions #5

Updated by Clark ANDRIANASOLO 6 months ago

The error happened when :
  • starting a long "archive export" process
  • restarting the webapp in the middle of the process
  • logging in again
Actions #6

Updated by Vincent MEMBRÉ 5 months ago

  • Target version changed from 8.1.6 to 8.1.7
Actions #8

Updated by Clark ANDRIANASOLO 4 months ago

  • Status changed from New to In progress
  • Assignee set to Clark ANDRIANASOLO
Actions #9

Updated by Clark ANDRIANASOLO 4 months ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from Clark ANDRIANASOLO to François ARMAND
  • Pull Request set to https://github.com/Normation/rudder/pull/5818
Actions #10

Updated by Clark ANDRIANASOLO 4 months ago

  • Status changed from Pending technical review to Pending release
  • Priority changed from 97 to 96
Actions #11

Updated by Clark ANDRIANASOLO 3 months ago

  • Priority changed from 96 to 95
  • Fix check changed from To do to Checked
Actions #12

Updated by Vincent MEMBRÉ 3 months ago

  • Status changed from Pending release to Released

This bug has been fixed in Rudder 8.1.7 which was released today.

Actions

Also available in: Atom PDF