| Summary | Logout failed with mysql session handler |
| Queue | Horde Framework Packages |
| Queue Version | FRAMEWORK_3 |
| Type | Bug |
| State | Duplicate |
| Priority | 2. Medium |
| Owners | Horde Developers (at) |
| Requester | falon (at) csi (dot) it |
| Created | 10/31/2008 (6094 days ago) |
| Due | |
| Updated | 06/30/2009 (5852 days ago) |
| Assigned | 12/07/2008 (6057 days ago) |
| Resolved | 06/30/2009 (5852 days ago) |
| Github Issue Link | |
| Github Pull Request | |
| Milestone | |
| Patch | No |
State ⇒ Duplicate
Ticket #7931.DB : mysql-4.1.11 (tables using default engine MyISAM)
I think I meet the same pb. It works perfectly with file-based
sessions but it rocks much more for me with Mysql-based sessions.
I'll add that :
1. If I try to delete a message, it fails too with the same message
"We cannot verify that this request was..." without error in logs :
Jan 23 18:43:37 HORDE [debug] [horde] SQL Query by
essionHandler_mysql::_read(): query = "SELECT session_data FROM
horde_sessionhandler WHERE session_id = 'l4itih4bh7aj2qof1l2mr9br37'
FOR UPDATE" [pid 17265 on line 139 of
"/var/www/horde/lib/Horde/SessionHandler/mysql.php"]
Jan 23 18:43:37 HORDE [debug] [imp] We cannot verify that this request
was really sent by you. It could be a malicious request. If you
intended to perform this action, you can retry it now. [pid 17265 on
line 176 of "/var/www/horde/lib/Horde/Notification.php"]
2. I can't logout when app=imp (it is shown in the url), but I can
logout properly when app=horde.
3. It works if I use a distinct database for horde_sessionhandler
(InnoDB and MyISAM too).
For instance the logs when I delete a message :
Jan 23 18:54:31 HORDE [debug] [horde] SQL Query by
essionHandler_mysql::_read(): query = "SELECT session_data FROM
horde_sessionhandler WHERE session_id = 'vej5n9hm0q2lt68tud8q26ajr1'
FOR UPDATE" [pid 17423 on line 139 of
"/var/www/horde/lib/Horde/SessionHandler/mysql.php"]
Jan 23 18:54:31 HORDE [debug] [horde] Session data unchanged (id =
vej5n9hm0q2lt68tud8q26ajr1) [pid 17423 on line 253 of
"/var/www/horde/lib/Horde/SessionHandler.php"]
4. Using separate databases allows me to use the persistent
connections with the global database but not with the database
dedicated for the horde_sessionhandler table (cannot connect anymore
with error in logs :
Jan 23 12:29:53 HORDE [error] [horde] Error retrieving session data
(id = fh5kqpdsi4gihmodguds5rdl03): Lock wait timeout exceeded; try
restarting transaction [pid 15201 on line 144 of
"/var/www/horde/lib/Horde/SessionHandler/mysql.php"]
I don't know what parameters I missed in horde ? php ? mysql ?
Hope it helps.
State ⇒ Assigned
Assigned to
Queue ⇒ Horde Framework Packages
with the same settings for 'persistent'. At one point, I thought the
cookie settings in Firefox (keep or remove on exit) had an influence,
but I'm not sure anymore.
Software used is Horde 3.3, IMP 4.3, PHP 5.2.6 on Apache 2.2.10, MySQL
5.0.45, all running on Solaris 10.
you using innodb tables?
I made some test again.
If I set conf[sessionhandler][params][persistent] to true, then I
don't have logout issue, but after login session freezes. Sometime I
can browse imap folder and navigate for a while, but finally browser
freezes. The error I see into log is this:
"2008-11-06T10:43:00.348816+01:00 vm HORDE[22497]: [horde] Error
retrieving session data (id = m4h77vd7f9tl94v9q7ludjbca4): Lock wait
timeout exceeded; try restarting transaction [pid 22497 on line 144 of
"/var/www/html/horde-webmail-1.2/lib/Horde/SessionHandler/mysql.php"]
2008-11-06T10:43:52.354482+01:00 vm HORDE[22497]: [imp] Error writing
session data: Lock wait timeout exceeded; try restarting transaction
[pid 22497 on line 185 of
"/var/www/html/horde-webmail-1.2/lib/Horde/SessionHandler/mysql.php"]
2008-11-06T10:44:44.361514+01:00 vm HORDE[22497]: [horde] Error
retrieving session data (id = m4h77vd7f9tl94v9q7ludjbca4): Lock wait
timeout exceeded; try restarting transaction [pid 22497 on line 144 of
"/var/www/html/horde-webmail-1.2/lib/Horde/SessionHandler/mysql.php"] "
If I set conf[sessionhandler][params][persistent] to false, I don't
have problem. Horde is fast and work well. But if I try logout, I
receive this error: "We cannot verify that this request was really
sent by you. It could be a malicious request". If I go back to
previous page I reload horde, so no logout happens.
MySQL is 5.0.32.
State ⇒ Feedback
using innodb tables?
Milestone ⇒
State ⇒ Unconfirmed
Patch ⇒ No
Queue ⇒ Horde Groupware Webmail Edition
Summary ⇒ Logout failed with mysql session handler
Type ⇒ Bug
Priority ⇒ 1. Low
I would notice failed logout from horde when I set MySql session
handler. After logout the following page has shown:
"We cannot verify that this request was really sent by you. It could
be a malicious request."
This happens only after the upgrade with same configuration from
horde-groupware-webmail edition 1.1.3.
I set logging to debug, but I don't see particular info when the error
page is loaded:
2008-10-31T13:27:48.521862+01:00 vm-wm1 HORDE[27594]: [horde] SQL
Query by SessionHandler_mysql::_read(): query = "SELECT session_data
FROM horde_sessionhandler WHERE session_id =
'rfs2mupupttp6g45cq37gqpkv3' FOR UPDATE" [pid 27594 on line 139 of
"/var/www/html/horde-webmail-1.2/lib/Horde/SessionHandler/mysql.php"]
2008-10-31T13:27:48.530715+01:00 vm-wm1 HORDE[27594]: [horde]
Connected to the following memcache servers:23.23.23.23:11211,
23.23.23.24:11211, 23.23.23.25:11211, 23.23.23.26:11211,
23.23.23.27:11211 [pid 27594 on line 127 of
"/var/www/html/horde-webmail-1.2/lib/Horde/Memcache.php"]
2008-10-31T13:27:48.605488+01:00 vm-wm1 HORDE[27594]: [horde] Max
memory usage: 7864320 bytes [pid 27594 on line 339 of
"/var/www/html/horde-webmail-1.2/lib/Horde/Registry.php"]
2008-10-31T13:27:49.509675+01:00 vm-wm1 HORDE[27573]: [horde] SQL
Query by SessionHandler_mysql::_read(): query = "SELECT session_data
FROM horde_sessionhandler WHERE session_id =
'spg7isdick0fifkop111ksjlk6' FOR UPDATE" [pid 27573 on line 139 of
"/var/www/html/horde-webmail-1.2/lib/Horde/SessionHandler/mysql.php"]
2008-10-31T13:27:49.531630+01:00 vm-wm1 HORDE[27573]: [horde]
Connected to the following memcache servers:23.23.23.23:11211,
23.23.23.24:11211, 23.23.23.25:11211, 23.23.23.26:11211,
23.23.23.27:11211 [pid 27573 on line 127 of
"/var/www/html/horde-webmail-1.2/lib/Horde/Memcache.php"]
2008-10-31T13:27:49.556592+01:00 vm-wm1 HORDE[27573]: [horde] Max
memory usage: 7077888 bytes [pid 27573 on line 339 of
"/var/www/html/horde-webmail-1.2/lib/Horde/Registry.php"]
2008-10-31T13:27:49.563092+01:00 vm-wm1 HORDE[27573]: [horde] Session
data unchanged (id = spg7isdick0fifkop111ksjlk6) [pid 27573 on line
253 of "/var/www/html/horde-webmail-1.2/lib/Horde/SessionHandler.php"]
This is my conf.php:
$conf['vhosts'] = false;
$conf['debug_level'] = E_ALL & ~E_NOTICE;
$conf['max_exec_time'] = 0;
$conf['compress_pages'] = true;
$conf['secret_key'] = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx';
$conf['umask'] = 077;
$conf['use_ssl'] = 2;
$conf['server']['name'] = $_SERVER['SERVER_NAME'];
$conf['server']['port'] = $_SERVER['SERVER_PORT'];
$conf['urls']['token_lifetime'] = 60;
$conf['urls']['hmac_lifetime'] = 30;
$conf['urls']['pretty'] = false;
$conf['safe_ips'] = array();
$conf['session']['name'] = 'Horde';
$conf['session']['use_only_cookies'] = true;
$conf['session']['cache_limiter'] = 'nocache';
$conf['session']['timeout'] = 0;
$conf['cookie']['domain'] = $_SERVER['SERVER_NAME'];
$conf['cookie']['path'] = '/';
$conf['sql']['persistent'] = true;
$conf['sql']['username'] = 'userdb';
$conf['sql']['password'] = 'xxxx';
$conf['sql']['hostspec'] = 'host.it';
$conf['sql']['port'] = 3355;
$conf['sql']['protocol'] = 'tcp';
$conf['sql']['database'] = 'mydb';
$conf['sql']['charset'] = 'iso-8859-1';
$conf['sql']['splitread'] = false;
$conf['sql']['phptype'] = 'mysql';
$conf['auth']['admins'] = array('hordemaster');
$conf['auth']['checkip'] = true;
$conf['auth']['checkbrowser'] = true;
$conf['auth']['alternate_login'] = false;
$conf['auth']['redirect_on_logout'] = false;
$conf['auth']['params']['app'] = 'imp';
$conf['auth']['driver'] = 'application';
$conf['signup']['allow'] = false;
$conf['log']['priority'] = PEAR_LOG_DEBUG;
$conf['log']['ident'] = 'HORDE';
$conf['log']['params'] = array();
$conf['log']['name'] = LOG_LOCAL6;
$conf['log']['type'] = 'syslog';
$conf['log']['enabled'] = true;
$conf['log_accesskeys'] = false;
$conf['prefs']['params']['driverconfig'] = 'horde';
$conf['prefs']['driver'] = 'sql';
$conf['alarms']['params']['driverconfig'] = 'horde';
$conf['alarms']['params']['ttl'] = 300;
$conf['alarms']['driver'] = 'sql';
$conf['datatree']['params']['driverconfig'] = 'horde';
$conf['datatree']['driver'] = 'sql';
$conf['group']['driverconfig'] = 'horde';
$conf['group']['driver'] = 'sql';
$conf['group']['cache'] = false;
$conf['perms']['driverconfig'] = 'horde';
$conf['perms']['driver'] = 'sql';
$conf['share']['no_sharing'] = true;
$conf['share']['any_group'] = false;
$conf['share']['cache'] = false;
$conf['share']['driver'] = 'sql';
$conf['cache']['default_lifetime'] = 86400;
$conf['cache']['driver'] = 'memcache';
$conf['lock']['params']['driverconfig'] = 'horde';
$conf['lock']['driver'] = 'sql';
$conf['token']['params']['driverconfig'] = 'horde';
$conf['token']['driver'] = 'sql';
$conf['mailer']['params']['host'] = 'smtp.it';
$conf['mailer']['params']['auth'] = false;
$conf['mailer']['type'] = 'smtp';
$conf['mailformat']['brokenrfc2231'] = false;
$conf['vfs']['type'] = 'none';
$conf['sessionhandler']['params']['persistent'] = true;
$conf['sessionhandler']['params']['rowlocking'] = true;
$conf['sessionhandler']['params']['port'] = 3355;
$conf['sessionhandler']['params']['protocol'] = 'tcp';
$conf['sessionhandler']['params']['hostspec'] = 'host.it';
$conf['sessionhandler']['params']['username'] = 'userdb';
$conf['sessionhandler']['params']['password'] = 'xxxxx';
$conf['sessionhandler']['params']['database'] = 'mydb';
$conf['sessionhandler']['type'] = 'mysql';
$conf['sessionhandler']['memcache'] = false;
$conf['mime']['magic_db'] = '/usr/share/file/magic';
$conf['problems']['email'] = 'falon@csi.it';
$conf['problems']['maildomain'] = 'csi.it';
$conf['problems']['tickets'] = false;
$conf['problems']['attachments'] = true;
$conf['menu']['apps'] = array();
$conf['menu']['always'] = false;
$conf['menu']['links']['help'] = 'all';
$conf['menu']['links']['options'] = 'authenticated';
$conf['menu']['links']['problem'] = 'never';
$conf['menu']['links']['login'] = 'all';
$conf['menu']['links']['logout'] = 'authenticated';
$conf['hooks']['permsdenied'] = false;
$conf['hooks']['username'] = false;
$conf['hooks']['preauthenticate'] = true;
$conf['hooks']['postauthenticate'] = false;
$conf['hooks']['authldap'] = false;
$conf['hooks']['groupldap'] = false;
$conf['portal']['fixed_blocks'] = array('horde:weatherdotcom');
$conf['weatherdotcom']['partner_id'] = 'xxxxxxxx';
$conf['weatherdotcom']['license_key'] = 'xxxxxxxx';
$conf['accounts']['params']['host'] = '23.23.23.29';
$conf['accounts']['params']['port'] = 388;
$conf['accounts']['params']['basedn'] = 'c=IT';
$conf['accounts']['params']['binddn'] = 'brother';
$conf['accounts']['params']['password'] = 'syster';
$conf['accounts']['params']['attr'] = 'uid';
$conf['accounts']['params']['version'] = '3';
$conf['accounts']['params']['strip'] = false;
$conf['accounts']['driver'] = 'ldap';
$conf['user']['verify_from_addr'] = false;
$conf['imsp']['enabled'] = false;
$conf['kolab']['enabled'] = false;
$conf['memcache']['hostspec'] = array('23.23.23.23', '23.23.23.24',
'23.23.23.25', '23.23.23.26', '23.23.23.27');
$conf['memcache']['port'] = array('11211', '11211', '11211', '11211',
'11211');
$conf['memcache']['weight'] = array('1', '1', '1', '1', '1');
$conf['memcache']['persistent'] = true;
$conf['memcache']['compression'] = false;
$conf['memcache']['large_items'] = true;
$conf['memcache']['enabled'] = true;
/* CONFIG END. DO NOT CHANGE ANYTHING IN OR BEFORE THIS LINE. */
I see that logout works if I use memcache as custom session handler.
I thank you very much
Best Regards
marco