Opened 11 years ago
Closed 10 years ago
#63 closed task (fixed)
LabWiki authentication failure
| Reported by: | johren@bbn.com | Owned by: | jack.hong@nicta.com.au |
|---|---|---|---|
| Priority: | blocker | Milestone: | GEC18 |
| Component: | Authentication/Authorization | Version: | WrapUp |
| Keywords: | Cc: | divyashri.bhat@gmail.com | |
| Dependencies: |
Description
Friday morning, Divya started getting an authentication failure when logging in to Labwiki on port 4400. I am also getting the same failure. After authenticating with GENI Portal, we get a page that says "Authentication Failed."
Change History (3)
comment:1 Changed 11 years ago by
comment:2 Changed 11 years ago by
I ran a test session of LabWiki on emmy9 , port 4401 and found that the problem is this:
- The Warden::OpenID uses Rack::Session::Cookie which has a size limit of 4K (4096 bytes). The main problem is that the cookie is not cleared for every session. That is why the authentication failure message occurs after a few login sessions (4 for me).
- Since we have the project and slice information being passed in the Cookie, it most likely will exceed 4k and we may need to increase the size limit of the cookie.
Note: See
TracTickets for help on using
tickets.
I don't know if this helps but I ran the LabWiki? on another port to look at the logs and it seems there is an error involving URI of the user.
Here is the log: I, [2013-10-18T13:53:35.504259 #1735] INFO -- OpenID: WARNING: making https request to https://portal.geni.net/server/server.php without verifying server certificate; no CA path was specified. I, [2013-10-18T13:53:35.611438 #1735] INFO -- OpenID: WARNING: making https request to https://portal.geni.net/server/server.php/idpXrds without verifying server certificate; no CA path was specified. I, [2013-10-18T13:53:35.742850 #1735] INFO -- OpenID: Generated checkid_setup request to https://portal.geni.net/server/server.php with assocication {HMAC-SHA1}{526174cd}{zzQOzA==} I, [2013-10-18T13:53:47.729550 #1735] INFO -- OpenID: Error attempting to use stored discovery information: OpenID::TypeURIMismatch I, [2013-10-18T13:53:47.729721 #1735] INFO -- OpenID: Attempting discovery to verify endpoint I, [2013-10-18T13:53:47.729815 #1735] INFO -- OpenID: Performing discovery on https://portal.geni.net/server/server.php/idpage?user=dbhat I, [2013-10-18T13:53:47.731189 #1735] INFO -- OpenID: WARNING: making https request to https://portal.geni.net/server/server.php/idpage?user=dbhat without verifying server certificate; no CA path was specified. I, [2013-10-18T13:53:47.854674 #1735] INFO -- OpenID: WARNING: making https request to https://portal.geni.net/server/server.php/userXrds?user=dbhat without verifying server certificate; no CA path was specified. Warning! Rack::Session::Cookie data size exceeds 4K. Warning! Rack::Session::Cookie failed to save session. Content dropped.