1. Sebastian Sebastian
  2. scm-manager

Issues

Issue #273 resolved

Session Timeout

Andreas Kaempf
created an issue

Hi!

The timeout issue is back again.

I set log level to trace and get the following after successful logging in regardless of what I want to do:

11:17:32.303 [qtp1289955330-19] TRACE sonia.scm.web.filter.BasicAuthenticationFilter - could not find user send unauthorized

I tried browser restarts, clearing browser cache, a different browser, restarting scm manager - nothing helped so far.

This is really preventing me from doing the administration, really painful right now!

Comments (28)

  1. Andreas Kaempf reporter

    Scenario how I got the attached files:

    • Server stopped
    • Old logs moved out of the way
    • Server started
    • Firefox started and internal cache cleared
    • Connected to SCM Server
    • Logged in
    • Clicked on Repositories in menu
    • Attached pop-up appears
  2. Sebastian Sebastian repo owner

    It looks like your browser does really lost its session. Do you block cookies in your browser? Could you monitor the request and response headers with "Live HTTP Headers" and post the output? Which version of the ldap plugin do you use?

  3. Sebastian Sebastian repo owner

    I think i found the problem:

    Set-Cookie: JSESSIONID=1psrlp43pe4aasp5jti04cl9m;Path=http://localhost:8080/scm
    

    Jetty thinks his hostname is localhost and that could not work. I don't know why he deliver the wrong hostname, but we can force a hostname. Which operating system do you use for the scm-manager server?

  4. Andreas Kaempf reporter

    Yes, apache2 on Debian Squeeze:

         ProxyRequests Off
         ProxyPreserveHost On
    
        <Proxy *>
                 Order deny,allow
                 Allow from all
        </Proxy>
    
         ProxyPass /scm http://localhost:8080/scm
         ProxyPassReverse /scm http://localhost:8080/scm
         ProxyPassReverseCookiePath /scm http://localhost:8080/scm
    
        <Location /scm>
                 Order allow,deny
                 Allow from all
        </Location>
    
  5. Sebastian Sebastian repo owner

    I found the issue. Your ProxyPassReverseCookiePath configuration is wrong. This url must match the access url. It has to be the servername and the port of your apache installation. E.g.:

         ProxyRequests Off
         ProxyPreserveHost On
    
        <Proxy *>
                 Order deny,allow
                 Allow from all
        </Proxy>
    
         ProxyPass /scm http://localhost:8080/scm
         ProxyPassReverse /scm http://localhost:8080/scm
         ProxyPassReverseCookiePath /scm http://apacheproxyserver/scm
    
        <Location /scm>
                 Order allow,deny
                 Allow from all
        </Location>
    
  6. Stefanos Kalantzis

    Hi :)

    I did a new installation of scm, and I had the same timeout issue.

    My setup was a bit different, so I will post it for the record.

    I wanted scm to be accessed from https://scm.domain.com/ using apache's existing ssl.

    So I created a new site on apache with this config:

    <VirtualHost *:443>
        ServerName scm.domain.com
        AllowEncodedSlashes On
    
        CustomLog /var/log/apache2/scm.log combined
    
        ProxyRequests Off
        <Proxy *>
            Order deny,allow
            Allow from all
        </Proxy>
    
        ProxyPass / http://192.168.178.50:8080/scm-webapp/
        ProxyPassReverse / http://192.168.178.50:8080/scm-webapp/
        ProxyPassReverseCookiePath /scm-webapp /
    
        <Location />
            Order allow,deny
            Allow from all
        </Location>
    
        # SSL...
    </VirtualHost>
    

    The ProxyPassReverseCookiePath instruction was mandatory.

    On the scm configuration part, I only changed the base URL to: https://scm.domain.com/

  7. Log in to comment