Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Avoid session reuse when new token is needed #433

Closed
bbockelm opened this issue Jan 9, 2018 · 0 comments
Closed

Avoid session reuse when new token is needed #433

bbockelm opened this issue Jan 9, 2018 · 0 comments
Assignees
@bbockelm
Labels
Clients enhancement
Milestone
1.14.6-clients

Comments

@bbockelm
Copy link
Contributor

bbockelm commented Jan 9, 2018

Motivation

In testing of rucio upload, I've sporadically hit cases where:

  1. In a sequence of REST API calls, one call requires the client to retrieve a new Rucio token.
  2. The client will contact the token issuer endpoint to retrieve a new token.
  3. Since the client reuses the session object, an existing SSL session may be utilized.
  4. If the existing SSL session wasn't created with an X509 user proxy (or established via TLS session reuse), then mod_gridsite isn't able to pass along the appropriate headers about the client DN.
  5. Without the client DN, the issuer (correctly) refuses to issue a new token.

Modification

Whenever the client receives an authorization failure, it should create a new session object prior to retrying the token retrieval.
bari12 added a commit that referenced this issue Jan 10, 2018
@bari12
Merge pull request #435 from bbockelm/patch-433-client_avoid_session_…
165ad2d 
…reuse

client: Recreate session after authorization failure (next). Fix #433
@bari12 bari12 closed this as completed in 0eae4a2 Jan 10, 2018
@bari12 bari12 added this to the 1.14.6-clients milestone Jan 10, 2018
yuyiguo pushed a commit to yuyiguo/rucio that referenced this issue Sep 20, 2023
@ericvaandering
Merge pull request rucio#433 from ericvaandering/patch_6102
f05b4f7 
Patch for Rucio issue 6100 (PR 6102)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@bbockelm bbockelm

Labels
Clients enhancement
Projects
None yet
Milestone
1.14.6-clients
Development

No branches or pull requests
2 participants
@bari12 @bbockelm