HorizonMiddleware class causes excessive session creation

Bug #1211535 reported by Eric Peterson
This bug affects 1 person
Affects: OpenStack Dashboard (Horizon)
Status: Fix Released
Importance: Medium
Assigned to: Eric Peterson

Bug Description

In HorizonMiddleware there are several session fields that get addressed / set up that can create sessions. If there is any type of health check script (which does not maintain sessions) that hits a non-authenticated URL, then many sessions will be created.

If using cookie-backed sessions this is less of an issue, but when using DB-backed session stores the session count grows too large very quickly.

Propose to place the session field modification in a block with if request.user.is_authenticated(): around it.
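
The growth described in the report, reproduced as an added example that is not Horizon's code. It models a session layer that writes a row only when the session was modified, with a plain dict standing in for the DB session table; `last_activity` is an assumed field name and the `authenticated` flag is a simplification of a real login.

```python
import time
import uuid


class Session(dict):
    """Session whose row is persisted only if a field was written."""
    def __init__(self, key, data):
        super().__init__(data)
        self.key, self.modified = key, False

    def __setitem__(self, name, value):
        super().__setitem__(name, value)
        self.modified = True


def handle(rows, cookie, authenticated, guard):
    """One request: load session, run the middleware body, save if modified."""
    key = cookie if cookie in rows else uuid.uuid4().hex
    session = Session(key, rows.get(key, {}))
    # Middleware body. Unguarded, the field is written on every request,
    # which marks the session modified even for anonymous clients.
    if not guard or authenticated:
        session["last_activity"] = time.time()  # assumed field name
    if session.modified:
        rows[key] = dict(session)  # INSERT/UPDATE in a real DB backend
    return key if session.modified else None  # Set-Cookie value, if any


def health_check_rows(guard, hits=1000):
    """Cookie-less probe hitting an unauthenticated URL `hits` times."""
    rows = {}  # constructed stand-in for the session table
    for _ in range(hits):
        handle(rows, cookie=None, authenticated=False, guard=guard)
    return len(rows)


def browser_rows(guard, hits=1000):
    """Logged-in client that sends its cookie back on every request."""
    rows, cookie = {}, None
    for _ in range(hits):
        cookie = handle(rows, cookie, authenticated=True, guard=guard) or cookie
    return len(rows)


if __name__ == "__main__":
    print("probe, unguarded:", health_check_rows(guard=False))
    print("probe, guarded:  ", health_check_rows(guard=True))
    print("browser, guarded:", browser_rows(guard=True))
```

The probe never returns a cookie, so each unguarded hit leaves one orphaned row until expiry cleanup runs; with the guard the probe leaves none, and an authenticated client still keeps a single row.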

Changed in horizon:
assignee: nobody → Eric Peterson (ericpeterson-l)
description: updated
OpenStack Infra (hudson-openstack) wrote : Fix proposed to horizon (master)

Fix proposed to branch: master
Review: https://review.openstack.org/41568

Changed in horizon:
status: New → In Progress
OpenStack Infra (hudson-openstack) wrote : Fix merged to horizon (master)

Reviewed: https://review.openstack.org/41568
Committed: http://github.com/openstack/horizon/commit/a62944985d12b5ed516e5fdaf97bb4083c55da41
Submitter: Jenkins
Branch: master

commit a62944985d12b5ed516e5fdaf97bb4083c55da41
Author: ericpeterson-l <email address hidden>
Date: Mon Aug 12 16:37:05 2013 -0600

    Fix middleware to not access session fields without user auth

    Change-Id: I18bccfa900b25b3ccb1f2514b2c5c0450b54af2d
    Fixes: bug #1211535

Changed in horizon:
status: In Progress → Fix Committed
Changed in horizon:
milestone: none → havana-3
importance: Undecided → Medium
Lin Hua Cheng (lin-hua-cheng) wrote :

Moving status back to confirmed, the patch has been reverted due to tempest job failing: https://review.openstack.org/#/c/42033/

Changed in horizon:
status: Fix Committed → Confirmed
OpenStack Infra (hudson-openstack) wrote : Fix proposed to horizon (master)

Fix proposed to branch: master
Review: https://review.openstack.org/42240

Changed in horizon:
status: Confirmed → In Progress
Changed in horizon:
milestone: havana-3 → havana-rc1
Julie Pichon (jpichon) wrote :

It would be nice to have a version of the original patch in Horizon as well, as currently we're calculating session timeout even when idling on the login page, which is surprising.

Julie Pichon (jpichon) wrote :

Current django_openstack_auth patch at https://review.openstack.org/#/c/42147/

Gabriel Hurley (gabriel-hurley) wrote :

I've pushed 1.1.3 of django_openstack_auth to PyPI. I believe that makes this done now.

Changed in horizon:
status: In Progress → Fix Committed
Changed in horizon:
status: Fix Committed → In Progress
milestone: havana-rc1 → icehouse-1
tags: added: havana-rc-potential
Thierry Carrez (ttx)
tags: removed: havana-rc-potential
Changed in horizon:
milestone: icehouse-1 → havana-rc2
Gabriel Hurley (gabriel-hurley) wrote :

Note: we are now looking at this review again: https://review.openstack.org/#/c/42240/

David Lyle (david-lyle) wrote :

I'm not super confident in this one at this late date. If there's anything wrong with it, its location is too fundamental to be benign. I'd prefer to bump this one to Icehouse.

Gabriel Hurley (gabriel-hurley) wrote :

Since this turned out to have further issues (described on the review) this doesn't look safe for RC2. Pushing back to I1 to be fully addressed there.

Changed in horizon:
milestone: havana-rc2 → icehouse-1
Thierry Carrez (ttx)
Changed in horizon:
milestone: icehouse-1 → icehouse-2
David Lyle (david-lyle)
Changed in horizon:
milestone: icehouse-2 → icehouse-3
Matthias Runge (mrunge)
Changed in horizon:
assignee: Eric Peterson (ericpeterson-l) → nobody
status: In Progress → Confirmed
Changed in horizon:
assignee: nobody → Eric Peterson (ericpeterson-l)
status: Confirmed → In Progress
Thierry Carrez (ttx)
Changed in horizon:
milestone: icehouse-3 → icehouse-rc1
David Lyle (david-lyle)
Changed in horizon:
milestone: icehouse-rc1 → next
Matthias Runge (mrunge)
Changed in horizon:
milestone: next → icehouse-rc1
OpenStack Infra (hudson-openstack) wrote : Fix merged to horizon (master)

Reviewed: https://review.openstack.org/42240
Committed: https://git.openstack.org/cgit/openstack/horizon/commit/?id=2364b695c2b37b08ac1cec75f98a5c6364908ef7
Submitter: Jenkins
Branch: master

commit 2364b695c2b37b08ac1cec75f98a5c6364908ef7
Author: ericpeterson-l <email address hidden>
Date: Thu Aug 15 17:13:22 2013 -0600

    Fix middleware to not access session fields without user auth

    Change-Id: Idc2b71aa9ca08570e870ac6e356211dfbaa7a726
    Fixes: bug #1211535

Changed in horizon:
status: In Progress → Fix Committed
Thierry Carrez (ttx)
Changed in horizon:
status: Fix Committed → Fix Released
Thierry Carrez (ttx)
Changed in horizon:
milestone: icehouse-rc1 → 2014.1