Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Prevent unwanted session extension (#3574) #3583

Merged
merged 1 commit into from Mar 7, 2017

Conversation

dennisoelkers
Copy link
Member

Description

Motivation and Context

This is a port of #3574 for the 2.2 branch.

Without this change, there are some periodical calls to the backend which extend the user's session every call, so user session expiration never kicks in.

This change sets the X-Graylog-No-Session-Extension header to true for those calls, prevent unnecessary session extension. As this happens in several parts of the code, a helper method is create doing this, which can be easily used in the future when there are more periodical calls added.

Fixes #3565.

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

  • My code follows the code style of this project.
  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.
  • I have read the CONTRIBUTING document.
  • I have added tests to cover my changes.
  • All new and existing tests passed.

* Use correct header for periodic updates to prevent session extension.
* Updating NodesStore only if logged in.
* Creating helper method to prevent duplication of code.

(cherry picked from commit 8900350)
@bernd
Copy link
Member

bernd commented Mar 7, 2017

Does this need any changes to plugins as well? I guess there are several plugins which use polling to update things.

@dennisoelkers
Copy link
Member Author

If they do not do it the proper way already, yes. Which plugins do polling?

@bernd
Copy link
Member

bernd commented Mar 7, 2017

If they do not do it the proper way already, yes. Which plugins do polling?

I don't know, didn't research that.

@joschi joschi self-assigned this Mar 7, 2017
@joschi joschi merged commit d3b3ed7 into 2.2 Mar 7, 2017
@joschi joschi deleted the prevent-unwanted-session-extension-2.2 branch March 7, 2017 11:40
@joschi joschi modified the milestones: 2.2.3, 2.2.2 Mar 7, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

3 participants