Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Prevent unwanted session extension (#3574) #3583

Merged
merged 1 commit into from Mar 7, 2017

Conversation

@dennisoelkers
Copy link
Member

@dennisoelkers dennisoelkers commented Mar 7, 2017

Description

Motivation and Context

This is a port of #3574 for the 2.2 branch.

Without this change, there are some periodical calls to the backend which extend the user's session every call, so user session expiration never kicks in.

This change sets the X-Graylog-No-Session-Extension header to true for those calls, prevent unnecessary session extension. As this happens in several parts of the code, a helper method is create doing this, which can be easily used in the future when there are more periodical calls added.

Fixes #3565.

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

  • My code follows the code style of this project.
  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.
  • I have read the CONTRIBUTING document.
  • I have added tests to cover my changes.
  • All new and existing tests passed.
* Use correct header for periodic updates to prevent session extension.
* Updating NodesStore only if logged in.
* Creating helper method to prevent duplication of code.

(cherry picked from commit 8900350)
@dennisoelkers dennisoelkers added this to the 2.2.2 milestone Mar 7, 2017
@bernd
Copy link
Member

@bernd bernd commented Mar 7, 2017

Does this need any changes to plugins as well? I guess there are several plugins which use polling to update things.

@dennisoelkers
Copy link
Member Author

@dennisoelkers dennisoelkers commented Mar 7, 2017

If they do not do it the proper way already, yes. Which plugins do polling?

@bernd
Copy link
Member

@bernd bernd commented Mar 7, 2017

If they do not do it the proper way already, yes. Which plugins do polling?

I don't know, didn't research that.

@joschi joschi self-assigned this Mar 7, 2017
@joschi
joschi approved these changes Mar 7, 2017
@joschi joschi merged commit d3b3ed7 into 2.2 Mar 7, 2017
4 checks passed
4 checks passed
ci-web-linter Jenkins build graylog-pr-linter-check 1402 has succeeded
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details
continuous-integration/travis-ci/push The Travis CI build passed
Details
licence/cla Contributor License Agreement is signed.
Details
@joschi joschi deleted the prevent-unwanted-session-extension-2.2 branch Mar 7, 2017
@joschi joschi removed the ready-for-review label Mar 7, 2017
@joschi joschi modified the milestones: 2.2.3, 2.2.2 Mar 7, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

3 participants
You can’t perform that action at this time.