Authentication failure for users with username >32 char length

Bug #1847086 reported by Vladimir Grevtsev
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone
MAAS | Fix Released | High | Blake Rouse |
2.6 | Fix Released | High | Blake Rouse |

Bug Description

Problem statement:

User can't log in to MAAS if the "username" property value is more than 32 characters (however, the UI tells us "Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only.")

Steps to reproduce:

1) Install fresh MAAS
2) Do a sudo maas init
3) Add a new user with username "thisissomestringwith33chars12312" (32 chars)
4) Try to log in with this user - it should succeed
5) Add a new user with username "thisissomestringwith33chars123123" (33 chars)
6) Try to log in with this user; the login attempt will fail with the following error: "The request's session was deleted before the request completed. The user may have logged out in a concurrent request, for example."

An error from regiond.log:

2019-10-07 11:58:27 maasserver: [error] ################################ Exception: The request's session was deleted before the request completed. The user may have logged out in a concurrent request, for example. ################################
2019-10-07 11:58:27 maasserver: [error] Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/maasserver/utils/views.py", line 235, in handle_uncaught_exception
    raise exc from exc.__cause__
  File "/usr/lib/python3/dist-packages/maasserver/utils/views.py", line 298, in get_response
    response = django_get_response(request)
  File "/usr/lib/python3/dist-packages/django/core/handlers/base.py", line 124, in get_response
    response = self._middleware_chain(request)
  File "/usr/lib/python3/dist-packages/maasserver/prometheus/middleware.py", line 51, in __call__
    response = self.get_response(request)
  File "/usr/lib/python3/dist-packages/maasserver/middleware.py", line 335, in __call__
    response = self.get_response(request)
  File "/usr/lib/python3/dist-packages/django/utils/deprecation.py", line 140, in __call__
    response = self.get_response(request)
  File "/usr/lib/python3/dist-packages/django/utils/deprecation.py", line 142, in __call__
    response = self.process_response(request, response)
  File "/usr/lib/python3/dist-packages/django/contrib/sessions/middleware.py", line 61, in process_response
    "The request's session was deleted before the "
django.core.exceptions.SuspiciousOperation: The request's session was deleted before the request completed. The user may have logged out in a concurrent request, for example.

2019-10-07 11:58:27 regiond: [info] 10.211.55.2 POST /MAAS/accounts/login/ HTTP/1.1 --> 500 INTERNAL_SERVER_ERROR (referrer: http://10.211.55.5:5240/MAAS/accounts/login/; agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36)
2019-10-07 11:58:44 regiond: [info] 127.0.0.1 GET /MAAS/rpc/ HTTP/1.1 --> 200 OK (referrer: -; agent: provisioningserver.rpc.clusterservice.ClusterClientService)

Packages:

ubuntu@ubuntu-maas:~$ dpkg -l | grep maas
ii maas 2.6.1-7832-g17912cdc9-0ubuntu1~18.04.1 all "Metal as a Service" is a physical cloud and IPAM
ii maas-cli 2.6.1-7832-g17912cdc9-0ubuntu1~18.04.1 all MAAS client and command-line interface
ii maas-common 2.6.1-7832-g17912cdc9-0ubuntu1~18.04.1 all MAAS server common files
ii maas-dhcp 2.6.1-7832-g17912cdc9-0ubuntu1~18.04.1 all MAAS DHCP server
ii maas-proxy 2.6.1-7832-g17912cdc9-0ubuntu1~18.04.1 all MAAS Caching Proxy
ii maas-rack-controller 2.6.1-7832-g17912cdc9-0ubuntu1~18.04.1 all Rack Controller for MAAS
ii maas-region-api 2.6.1-7832-g17912cdc9-0ubuntu1~18.04.1 all Region controller API service for MAAS
ii maas-region-controller 2.6.1-7832-g17912cdc9-0ubuntu1~18.04.1 all Region Controller for MAAS
ii python3-django-maas 2.6.1-7832-g17912cdc9-0ubuntu1~18.04.1 all MAAS server Django web framework (Python 3)
ii python3-maas-client 2.6.1-7832-g17912cdc9-0ubuntu1~18.04.1 all MAAS python API client (Python 3)
ii python3-maas-provisioningserver 2.6.1-7832-g17912cdc9-0ubuntu1~18.04.1 all MAAS server provisioning libraries (Python 3)

Tags: field-high
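
One way to locate this failure signature in regiond.log, as an added example that is not part of the original report or of MAAS: it pairs the session-deleted exception with a 500 on POST to the login URL logged within a short window. The sample log is constructed in the format quoted above; the function name `find_failed_logins` and the two-second default window are assumptions.

```python
import re
from datetime import datetime, timedelta

# Constructed sample in the regiond.log format quoted in the report
# (addresses and the 12:10:02 entry are made up for illustration).
SAMPLE_LOG = """\
2019-10-07 11:58:27 maasserver: [error] #### Exception: The request's session was deleted before the request completed. ####
2019-10-07 11:58:27 maasserver: [error] Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/django/contrib/sessions/middleware.py", line 61, in process_response
django.core.exceptions.SuspiciousOperation: The request's session was deleted before the request completed.
2019-10-07 11:58:27 regiond: [info] 192.0.2.10 POST /MAAS/accounts/login/ HTTP/1.1 --> 500 INTERNAL_SERVER_ERROR (referrer: -; agent: test)
2019-10-07 11:58:44 regiond: [info] 127.0.0.1 GET /MAAS/rpc/ HTTP/1.1 --> 200 OK (referrer: -; agent: test)
2019-10-07 12:10:02 regiond: [info] 192.0.2.11 POST /MAAS/accounts/login/ HTTP/1.1 --> 500 INTERNAL_SERVER_ERROR (referrer: -; agent: test)
"""

LINE = re.compile(r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) (\w+): \[(\w+)\] (.*)$")
REQUEST = re.compile(r"^(\S+) (\w+) (\S+) HTTP/\S+ --> (\d{3}) ")
SIGNATURE = "The request's session was deleted before the request completed"


def find_failed_logins(log_text, window_seconds=2):
    """Return (timestamp, client) for login POSTs that returned 500 within
    window_seconds of the session-deleted exception."""
    exceptions, login_500s = [], []
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # traceback continuation lines carry no timestamp
        ts = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
        source, level, msg = m.group(2), m.group(3), m.group(4)
        if source == "maasserver" and level == "error" and SIGNATURE in msg:
            exceptions.append(ts)
        elif source == "regiond":
            r = REQUEST.match(msg)
            if (r and r.group(2) == "POST" and r.group(4) == "500"
                    and r.group(3).endswith("/accounts/login/")):
                login_500s.append((ts, r.group(1)))
    window = timedelta(seconds=window_seconds)
    return [(ts.isoformat(sep=" "), client) for ts, client in login_500s
            if any(abs(ts - e) <= window for e in exceptions)]


if __name__ == "__main__":
    for ts, client in find_failed_logins(SAMPLE_LOG):
        print(ts, client, "login failed with session-deleted error")
```

The 12:10:02 entry in the sample is a login 500 with no matching exception nearby, so it is not reported at the default window.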


Changed in maas:
status: New → Triaged
importance: Undecided → High
milestone: none → 2.7.0alpha1
Vladimir Grevtsev (vlgrevtsev) wrote :

Subscribing field-high as this is affecting customer deployment.

tags: added: field-high
Blake Rouse (blake-rouse) wrote :

Seems the issue is not at the database level as the username field allows up to 150 characters:

maasdb=# \d+ auth_user
                                                            Table "public.auth_user"
    Column | Type | Collation | Nullable | Default | Storage | Stats target | Description
--------------+--------------------------+-----------+----------+---------------------------------------+----------+--------------+-------------
 id | integer | | not null | nextval('auth_user_id_seq'::regclass) | plain | |
 password | character varying(128) | | not null | | extended | |
 last_login | timestamp with time zone | | | | plain | |
 is_superuser | boolean | | not null | | plain | |
 username | character varying(150) | | not null | | extended | |
 first_name | character varying(30) | | not null | | extended | |
 last_name | character varying(30) | | not null | | extended | |
 email | character varying(254) | | | | extended | |
 is_staff | boolean | | not null | | plain | |
 is_active | boolean | | not null | | plain | |
 date_joined | timestamp with time zone | | not null | | plain | |
Indexes:
    "auth_user_pkey" PRIMARY KEY, btree (id)
    "auth_user_email_1c89df09_uniq" UNIQUE CONSTRAINT, btree (email)
    "auth_user_username_key" UNIQUE CONSTRAINT, btree (username)
    "auth_user_email_1c89df09_like" btree (email varchar_pattern_ops)
    "auth_user_username_6821ab7c_like" btree (username varchar_pattern_ops)
Referenced by:
    TABLE "auth_user_groups" CONSTRAINT "auth_user_groups_user_id_6a12ed8b_fk_auth_user_id" FOREIGN KEY (user_id) REFERENCES auth_user(id) DEFERRABLE INITIALLY DEFERRED
    TABLE "auth_user_user_permissions" CONSTRAINT "auth_user_user_permissions_user_id_a95ead1b_fk_auth_user_id" FOREIGN KEY (user_id) REFERENCES auth_user(id) DEFERRABLE INITIALLY DEFERRED
    TABLE "maasserver_filestorage" CONSTRAINT "maasserver_filestorage_owner_id_24d47e43_fk_auth_user_id" FOREIGN KEY (owner_id) REFERENCES auth_user(id) DEFERRABLE INITIALLY DEFERRED
    TABLE "maasserver_iprange" CONSTRAINT "maasserver_iprange_user_id_5d0f7718_fk_auth_user_id" FOREIGN KEY (user_id) REFERENCES auth_user(id) DEFERRABLE INITIALLY DEFERRED
    TABLE "maasserver_node" CONSTRAINT "maasserver_node_owner_id_455bec7f_fk_auth_user_id" FOREIGN KEY (owner_id) REFERENCES auth_user(id) DEFERRABLE INITIALLY DEFERRED
    TABLE "maasserver_...


Changed in maas:
status: Triaged → In Progress
assignee: nobody → Blake Rouse (blake-rouse)
Changed in maas:
status: In Progress → Fix Committed
Changed in maas:
status: Fix Committed → Fix Released