-
Notifications
You must be signed in to change notification settings - Fork 18
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add token validation to curvature. #3
Comments
What is happening when you see this error? It looks like Curvature is sending Donabe a request for a Deployed Container without supplying an ID. Try re-initializing the Curvature DB with: rake db:drop If that doesn't work try it for Donabe as well. |
Had to really wipe out cookies for the instance to get it to recover. (after resetting the db for both apps, and restarting both services). R On Oct 17, 2013, at 10:33 AM, johndavidge <notifications@github.commailto:notifications@github.com> rake db:drop |
Further investigation lead me to discover that if Curvature sends Donabe a request for the list of Deployed Containers but didn't send a valid X-Auth-Token in the message header Donabe would attempt to fall back onto a deprecated cookie-based authentication system. This has now been removed and replaced with an HTTP 401 response. This does not however explain why Curvature is sending bad tokens in the first place. |
Bad tokens may be delivered from expired sessions, as from a browser that recovers after having been asleep for a period of time. R Sent from a device On Oct 18, 2013, at 9:06 AM, "johndavidge" <notifications@github.commailto:notifications@github.com> wrote: Further investigation lead me to discovered that if Curvature sends Donabe a request for the list of Deployed Containers but didn't send a valid X-Auth-Token in the message header Donabe would attempt to fall back onto a deprecated cookie-based authentication system. This has now been removed and replaced with an HTTP 401 response. This does not however explain why Curvature is sending bad tokens in the first place. — |
I know we've seen something like this before:
<title>Action Controller: Exception caught</title> <style> body { background-color: #fff; color: #333; }ActiveRecord::RecordNotFound in DeployedContainersController#index
Rails.root: /opt/donabe
app/controllers/deployed_containers_controller.rb:23:in
index'</code></pre> </div> <div id="Framework-Trace" style="display: none;"> <pre><code>activerecord (3.2.8) lib/active_record/relation/finder_methods.rb:310:in
find_with_ids'activerecord (3.2.8) lib/active_record/relation/finder_methods.rb:107:in
find' activerecord (3.2.8) lib/active_record/querying.rb:5:in
find'actionpack (3.2.8) lib/action_controller/metal/implicit_render.rb:4:in
send_action' actionpack (3.2.8) lib/abstract_controller/base.rb:167:in
process_action'actionpack (3.2.8) lib/action_controller/metal/rendering.rb:10:in
process_action' actionpack (3.2.8) lib/abstract_controller/callbacks.rb:18:in
block in process_action'activesupport (3.2.8) lib/active_support/callbacks.rb:403:in
_run__671858439435266604__process_action__1395755320764098276__callbacks' activesupport (3.2.8) lib/active_support/callbacks.rb:405:in
__run_callback'activesupport (3.2.8) lib/active_support/callbacks.rb:385:in
_run_process_action_callbacks' activesupport (3.2.8) lib/active_support/callbacks.rb:81:in
run_callbacks'actionpack (3.2.8) lib/abstract_controller/callbacks.rb:17:in
process_action' actionpack (3.2.8) lib/action_controller/metal/rescue.rb:29:in
process_action'actionpack (3.2.8) lib/action_controller/metal/instrumentation.rb:30:in
block in process_action' activesupport (3.2.8) lib/active_support/notifications.rb:123:in
block in instrument'activesupport (3.2.8) lib/active_support/notifications/instrumenter.rb:20:in
instrument' activesupport (3.2.8) lib/active_support/notifications.rb:123:in
instrument'actionpack (3.2.8) lib/action_controller/metal/instrumentation.rb:29:in
process_action' actionpack (3.2.8) lib/action_controller/metal/params_wrapper.rb:207:in
process_action'activerecord (3.2.8) lib/active_record/railties/controller_runtime.rb:18:in
process_action' actionpack (3.2.8) lib/abstract_controller/base.rb:121:in
process'actionpack (3.2.8) lib/abstract_controller/rendering.rb:45:in
process' actionpack (3.2.8) lib/action_controller/metal.rb:203:in
dispatch'actionpack (3.2.8) lib/action_controller/metal/rack_delegation.rb:14:in
dispatch' actionpack (3.2.8) lib/action_controller/metal.rb:246:in
block in action'actionpack (3.2.8) lib/action_dispatch/routing/route_set.rb:73:in
call' actionpack (3.2.8) lib/action_dispatch/routing/route_set.rb:73:in
dispatch'actionpack (3.2.8) lib/action_dispatch/routing/route_set.rb:36:in
call' journey (1.0.4) lib/journey/router.rb:68:in
block in call'journey (1.0.4) lib/journey/router.rb:56:in
each' journey (1.0.4) lib/journey/router.rb:56:in
call'actionpack (3.2.8) lib/action_dispatch/routing/route_set.rb:600:in
call' actionpack (3.2.8) lib/action_dispatch/middleware/best_standards_support.rb:17:in
call'rack (1.4.5) lib/rack/etag.rb:23:in
call' rack (1.4.5) lib/rack/conditionalget.rb:25:in
call'actionpack (3.2.8) lib/action_dispatch/middleware/head.rb:14:in
call' actionpack (3.2.8) lib/action_dispatch/middleware/params_parser.rb:21:in
call'actionpack (3.2.8) lib/action_dispatch/middleware/flash.rb:242:in
call' rack (1.4.5) lib/rack/session/abstract/id.rb:210:in
context'rack (1.4.5) lib/rack/session/abstract/id.rb:205:in
call' actionpack (3.2.8) lib/action_dispatch/middleware/cookies.rb:339:in
call'activerecord (3.2.8) lib/active_record/query_cache.rb:64:in
call' activerecord (3.2.8) lib/active_record/connection_adapters/abstract/connection_pool.rb:473:in
call'actionpack (3.2.8) lib/action_dispatch/middleware/callbacks.rb:28:in
block in call' activesupport (3.2.8) lib/active_support/callbacks.rb:405:in
_run__2939623873060620647__call__1731706718715207871__callbacks'activesupport (3.2.8) lib/active_support/callbacks.rb:405:in
__run_callback' activesupport (3.2.8) lib/active_support/callbacks.rb:385:in
_run_call_callbacks'activesupport (3.2.8) lib/active_support/callbacks.rb:81:in
run_callbacks' actionpack (3.2.8) lib/action_dispatch/middleware/callbacks.rb:27:in
call'actionpack (3.2.8) lib/action_dispatch/middleware/reloader.rb:65:in
call' actionpack (3.2.8) lib/action_dispatch/middleware/remote_ip.rb:31:in
call'better_errors (1.0.1) lib/better_errors/middleware.rb:58:in
call' actionpack (3.2.8) lib/action_dispatch/middleware/debug_exceptions.rb:16:in
call'actionpack (3.2.8) lib/action_dispatch/middleware/show_exceptions.rb:56:in
call' railties (3.2.8) lib/rails/rack/logger.rb:26:in
call_app'railties (3.2.8) lib/rails/rack/logger.rb:16:in
call' actionpack (3.2.8) lib/action_dispatch/middleware/request_id.rb:22:in
call'rack (1.4.5) lib/rack/methodoverride.rb:21:in
call' rack (1.4.5) lib/rack/runtime.rb:17:in
call'activesupport (3.2.8) lib/active_support/cache/strategy/local_cache.rb:72:in
call' rack (1.4.5) lib/rack/lock.rb:15:in
call'actionpack (3.2.8) lib/action_dispatch/middleware/static.rb:62:in
call' railties (3.2.8) lib/rails/engine.rb:479:in
call'railties (3.2.8) lib/rails/application.rb:223:in
call' rack (1.4.5) lib/rack/content_length.rb:14:in
call'railties (3.2.8) lib/rails/rack/log_tailer.rb:17:in
call' rack (1.4.5) lib/rack/handler/webrick.rb:59:in
service'/usr/lib/ruby/1.9.1/webrick/httpserver.rb:138:in
service' /usr/lib/ruby/1.9.1/webrick/httpserver.rb:94:in
run'/usr/lib/ruby/1.9.1/webrick/server.rb:191:in
block in start_thread'</code></pre> </div> <div id="Full-Trace" style="display: none;"> <pre><code>activerecord (3.2.8) lib/active_record/relation/finder_methods.rb:310:in
find_with_ids'activerecord (3.2.8) lib/active_record/relation/finder_methods.rb:107:in
find' activerecord (3.2.8) lib/active_record/querying.rb:5:in
find'app/controllers/deployed_containers_controller.rb:33:in
rescue in index' app/controllers/deployed_containers_controller.rb:23:in
index'actionpack (3.2.8) lib/action_controller/metal/implicit_render.rb:4:in
send_action' actionpack (3.2.8) lib/abstract_controller/base.rb:167:in
process_action'actionpack (3.2.8) lib/action_controller/metal/rendering.rb:10:in
process_action' actionpack (3.2.8) lib/abstract_controller/callbacks.rb:18:in
block in process_action'activesupport (3.2.8) lib/active_support/callbacks.rb:403:in
_run__671858439435266604__process_action__1395755320764098276__callbacks' activesupport (3.2.8) lib/active_support/callbacks.rb:405:in
__run_callback'activesupport (3.2.8) lib/active_support/callbacks.rb:385:in
_run_process_action_callbacks' activesupport (3.2.8) lib/active_support/callbacks.rb:81:in
run_callbacks'actionpack (3.2.8) lib/abstract_controller/callbacks.rb:17:in
process_action' actionpack (3.2.8) lib/action_controller/metal/rescue.rb:29:in
process_action'actionpack (3.2.8) lib/action_controller/metal/instrumentation.rb:30:in
block in process_action' activesupport (3.2.8) lib/active_support/notifications.rb:123:in
block in instrument'activesupport (3.2.8) lib/active_support/notifications/instrumenter.rb:20:in
instrument' activesupport (3.2.8) lib/active_support/notifications.rb:123:in
instrument'actionpack (3.2.8) lib/action_controller/metal/instrumentation.rb:29:in
process_action' actionpack (3.2.8) lib/action_controller/metal/params_wrapper.rb:207:in
process_action'activerecord (3.2.8) lib/active_record/railties/controller_runtime.rb:18:in
process_action' actionpack (3.2.8) lib/abstract_controller/base.rb:121:in
process'actionpack (3.2.8) lib/abstract_controller/rendering.rb:45:in
process' actionpack (3.2.8) lib/action_controller/metal.rb:203:in
dispatch'actionpack (3.2.8) lib/action_controller/metal/rack_delegation.rb:14:in
dispatch' actionpack (3.2.8) lib/action_controller/metal.rb:246:in
block in action'actionpack (3.2.8) lib/action_dispatch/routing/route_set.rb:73:in
call' actionpack (3.2.8) lib/action_dispatch/routing/route_set.rb:73:in
dispatch'actionpack (3.2.8) lib/action_dispatch/routing/route_set.rb:36:in
call' journey (1.0.4) lib/journey/router.rb:68:in
block in call'journey (1.0.4) lib/journey/router.rb:56:in
each' journey (1.0.4) lib/journey/router.rb:56:in
call'actionpack (3.2.8) lib/action_dispatch/routing/route_set.rb:600:in
call' actionpack (3.2.8) lib/action_dispatch/middleware/best_standards_support.rb:17:in
call'rack (1.4.5) lib/rack/etag.rb:23:in
call' rack (1.4.5) lib/rack/conditionalget.rb:25:in
call'actionpack (3.2.8) lib/action_dispatch/middleware/head.rb:14:in
call' actionpack (3.2.8) lib/action_dispatch/middleware/params_parser.rb:21:in
call'actionpack (3.2.8) lib/action_dispatch/middleware/flash.rb:242:in
call' rack (1.4.5) lib/rack/session/abstract/id.rb:210:in
context'rack (1.4.5) lib/rack/session/abstract/id.rb:205:in
call' actionpack (3.2.8) lib/action_dispatch/middleware/cookies.rb:339:in
call'activerecord (3.2.8) lib/active_record/query_cache.rb:64:in
call' activerecord (3.2.8) lib/active_record/connection_adapters/abstract/connection_pool.rb:473:in
call'actionpack (3.2.8) lib/action_dispatch/middleware/callbacks.rb:28:in
block in call' activesupport (3.2.8) lib/active_support/callbacks.rb:405:in
_run__2939623873060620647__call__1731706718715207871__callbacks'activesupport (3.2.8) lib/active_support/callbacks.rb:405:in
__run_callback' activesupport (3.2.8) lib/active_support/callbacks.rb:385:in
_run_call_callbacks'activesupport (3.2.8) lib/active_support/callbacks.rb:81:in
run_callbacks' actionpack (3.2.8) lib/action_dispatch/middleware/callbacks.rb:27:in
call'actionpack (3.2.8) lib/action_dispatch/middleware/reloader.rb:65:in
call' actionpack (3.2.8) lib/action_dispatch/middleware/remote_ip.rb:31:in
call'better_errors (1.0.1) lib/better_errors/middleware.rb:58:in
call' actionpack (3.2.8) lib/action_dispatch/middleware/debug_exceptions.rb:16:in
call'actionpack (3.2.8) lib/action_dispatch/middleware/show_exceptions.rb:56:in
call' railties (3.2.8) lib/rails/rack/logger.rb:26:in
call_app'railties (3.2.8) lib/rails/rack/logger.rb:16:in
call' actionpack (3.2.8) lib/action_dispatch/middleware/request_id.rb:22:in
call'rack (1.4.5) lib/rack/methodoverride.rb:21:in
call' rack (1.4.5) lib/rack/runtime.rb:17:in
call'activesupport (3.2.8) lib/active_support/cache/strategy/local_cache.rb:72:in
call' rack (1.4.5) lib/rack/lock.rb:15:in
call'actionpack (3.2.8) lib/action_dispatch/middleware/static.rb:62:in
call' railties (3.2.8) lib/rails/engine.rb:479:in
call'railties (3.2.8) lib/rails/application.rb:223:in
call' rack (1.4.5) lib/rack/content_length.rb:14:in
call'railties (3.2.8) lib/rails/rack/log_tailer.rb:17:in
call' rack (1.4.5) lib/rack/handler/webrick.rb:59:in
service'/usr/lib/ruby/1.9.1/webrick/httpserver.rb:138:in
service' /usr/lib/ruby/1.9.1/webrick/httpserver.rb:94:in
run'/usr/lib/ruby/1.9.1/webrick/server.rb:191:in `block in start_thread'
Request
Parameters:
Show session dump
Show env dump
Response
Headers:
The text was updated successfully, but these errors were encountered: