Mahara

Password for Redis server cannot be configured

Bug #1939962 reported by Lorenz Ulrich on 2021-08-14

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	Mahara	Triaged	Wishlist	Unassigned

Bug Description

A session handler other than "file" is required if the SAML plugin is to be used. When using a single Redis instance, the following configuration options are available:

$cfg->sessionhandler = 'redis';
$cfg->ssphpsessionhandler = 'redis';
$cfg->redisserver = 'redis:6379';

Nowadays it's quite common to set a password for accessing the Redis instance. However, Mahara doesn't allow setting one.

The following calls are affected:

auth/lib.php

ini_set('session.save_path', 'tcp://' . $master->ip . ':' . $master->port . '?prefix=' . get_config('redisprefix'));

could be using a new setting "redispassword" as follows:

ini_set('session.save_path', 'tcp://' . $master->ip . ':' . $master->port . '?auth=' . get_config('redispassword') . '&prefix=' . get_config('redisprefix'));

Also, the password should be made available to SimpleSamlPHP which is compatible to Redis servers with password (see auth/saml/extlib/simplesamlphp/lib/SimpleSAML/Store/Redis.php).

Tested with Mahara 21.04.01.

Tags:

Kristina Hoeppner (kris-hoeppner) on 2021-08-16

Changed in mahara:
importance:	Undecided → Wishlist
status:	New → Triaged

Revision history for this message

Tony Butler (tonyjbutler) wrote on 2023-07-19:

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.