[Tickets #7618] Logout failed with mysql session handler

bugs at horde.org bugs at horde.org
Fri Oct 31 12:42:08 UTC 2008 

DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.

Ticket URL: http://bugs.horde.org/ticket/7618
------------------------------------------------------------------------------
  Ticket             | 7618
  Created By         | falon at csi.it
  Summary            | Logout failed with mysql session handler
  Queue              | Horde Groupware Webmail Edition
  Version            | 1.2
  Type               | Bug
  State              | Unconfirmed
  Priority           | 1. Low
  Milestone          |
  Patch              |
  Owners             |
------------------------------------------------------------------------------


falon at csi.it (2008-10-31 08:42) wrote:

Hello,
I would notice failed logout from horde when I set MySql session  
handler. After logout the following page has shown:

"We cannot verify that this request was really sent by you. It could  
be a malicious request."

This happens only after the upgrade with same configuration from  
horde-groupware-webmail edition 1.1.3.

I set logging to debug, but I don't see particular info when the error  
page is loaded:

2008-10-31T13:27:48.521862+01:00 vm-wm1 HORDE[27594]: [horde] SQL  
Query by SessionHandler_mysql::_read(): query = "SELECT session_data  
FROM horde_sessionhandler WHERE session_id =  
'rfs2mupupttp6g45cq37gqpkv3' FOR UPDATE" [pid 27594 on line 139 of  
"/var/www/html/horde-webmail-1.2/lib/Horde/SessionHandler/mysql.php"]
2008-10-31T13:27:48.530715+01:00 vm-wm1 HORDE[27594]: [horde]  
Connected to the following memcache servers:23.23.23.23:11211,  
23.23.23.24:11211, 23.23.23.25:11211, 23.23.23.26:11211,  
23.23.23.27:11211 [pid 27594 on line 127 of  
"/var/www/html/horde-webmail-1.2/lib/Horde/Memcache.php"]
2008-10-31T13:27:48.605488+01:00 vm-wm1 HORDE[27594]: [horde] Max  
memory usage: 7864320 bytes [pid 27594 on line 339 of  
"/var/www/html/horde-webmail-1.2/lib/Horde/Registry.php"]
2008-10-31T13:27:49.509675+01:00 vm-wm1 HORDE[27573]: [horde] SQL  
Query by SessionHandler_mysql::_read(): query = "SELECT session_data  
FROM horde_sessionhandler WHERE session_id =  
'spg7isdick0fifkop111ksjlk6' FOR UPDATE" [pid 27573 on line 139 of  
"/var/www/html/horde-webmail-1.2/lib/Horde/SessionHandler/mysql.php"]
2008-10-31T13:27:49.531630+01:00 vm-wm1 HORDE[27573]: [horde]  
Connected to the following memcache servers:23.23.23.23:11211,  
23.23.23.24:11211, 23.23.23.25:11211, 23.23.23.26:11211,  
23.23.23.27:11211 [pid 27573 on line 127 of  
"/var/www/html/horde-webmail-1.2/lib/Horde/Memcache.php"]
2008-10-31T13:27:49.556592+01:00 vm-wm1 HORDE[27573]: [horde] Max  
memory usage: 7077888 bytes [pid 27573 on line 339 of  
"/var/www/html/horde-webmail-1.2/lib/Horde/Registry.php"]
2008-10-31T13:27:49.563092+01:00 vm-wm1 HORDE[27573]: [horde] Session  
data unchanged (id = spg7isdick0fifkop111ksjlk6) [pid 27573 on line  
253 of "/var/www/html/horde-webmail-1.2/lib/Horde/SessionHandler.php"]

This is my conf.php:

$conf['vhosts'] = false;
$conf['debug_level'] = E_ALL & ~E_NOTICE;
$conf['max_exec_time'] = 0;
$conf['compress_pages'] = true;
$conf['secret_key'] = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx';
$conf['umask'] = 077;
$conf['use_ssl'] = 2;
$conf['server']['name'] = $_SERVER['SERVER_NAME'];
$conf['server']['port'] = $_SERVER['SERVER_PORT'];
$conf['urls']['token_lifetime'] = 60;
$conf['urls']['hmac_lifetime'] = 30;
$conf['urls']['pretty'] = false;
$conf['safe_ips'] = array();
$conf['session']['name'] = 'Horde';
$conf['session']['use_only_cookies'] = true;
$conf['session']['cache_limiter'] = 'nocache';
$conf['session']['timeout'] = 0;
$conf['cookie']['domain'] = $_SERVER['SERVER_NAME'];
$conf['cookie']['path'] = '/';
$conf['sql']['persistent'] = true;
$conf['sql']['username'] = 'userdb';
$conf['sql']['password'] = 'xxxx';
$conf['sql']['hostspec'] = 'host.it';
$conf['sql']['port'] = 3355;
$conf['sql']['protocol'] = 'tcp';
$conf['sql']['database'] = 'mydb';
$conf['sql']['charset'] = 'iso-8859-1';
$conf['sql']['splitread'] = false;
$conf['sql']['phptype'] = 'mysql';
$conf['auth']['admins'] = array('hordemaster');
$conf['auth']['checkip'] = true;
$conf['auth']['checkbrowser'] = true;
$conf['auth']['alternate_login'] = false;
$conf['auth']['redirect_on_logout'] = false;
$conf['auth']['params']['app'] = 'imp';
$conf['auth']['driver'] = 'application';
$conf['signup']['allow'] = false;
$conf['log']['priority'] = PEAR_LOG_DEBUG;
$conf['log']['ident'] = 'HORDE';
$conf['log']['params'] = array();
$conf['log']['name'] = LOG_LOCAL6;
$conf['log']['type'] = 'syslog';
$conf['log']['enabled'] = true;
$conf['log_accesskeys'] = false;
$conf['prefs']['params']['driverconfig'] = 'horde';
$conf['prefs']['driver'] = 'sql';
$conf['alarms']['params']['driverconfig'] = 'horde';
$conf['alarms']['params']['ttl'] = 300;
$conf['alarms']['driver'] = 'sql';
$conf['datatree']['params']['driverconfig'] = 'horde';
$conf['datatree']['driver'] = 'sql';
$conf['group']['driverconfig'] = 'horde';
$conf['group']['driver'] = 'sql';
$conf['group']['cache'] = false;
$conf['perms']['driverconfig'] = 'horde';
$conf['perms']['driver'] = 'sql';
$conf['share']['no_sharing'] = true;
$conf['share']['any_group'] = false;
$conf['share']['cache'] = false;
$conf['share']['driver'] = 'sql';
$conf['cache']['default_lifetime'] = 86400;
$conf['cache']['driver'] = 'memcache';
$conf['lock']['params']['driverconfig'] = 'horde';
$conf['lock']['driver'] = 'sql';
$conf['token']['params']['driverconfig'] = 'horde';
$conf['token']['driver'] = 'sql';
$conf['mailer']['params']['host'] = 'smtp.it';
$conf['mailer']['params']['auth'] = false;
$conf['mailer']['type'] = 'smtp';
$conf['mailformat']['brokenrfc2231'] = false;
$conf['vfs']['type'] = 'none';
$conf['sessionhandler']['params']['persistent'] = true;
$conf['sessionhandler']['params']['rowlocking'] = true;
$conf['sessionhandler']['params']['port'] = 3355;
$conf['sessionhandler']['params']['protocol'] = 'tcp';
$conf['sessionhandler']['params']['hostspec'] = 'host.it';
$conf['sessionhandler']['params']['username'] = 'userdb';
$conf['sessionhandler']['params']['password'] = 'xxxxx';
$conf['sessionhandler']['params']['database'] = 'mydb';
$conf['sessionhandler']['type'] = 'mysql';
$conf['sessionhandler']['memcache'] = false;
$conf['mime']['magic_db'] = '/usr/share/file/magic';
$conf['problems']['email'] = 'falon at csi.it';
$conf['problems']['maildomain'] = 'csi.it';
$conf['problems']['tickets'] = false;
$conf['problems']['attachments'] = true;
$conf['menu']['apps'] = array();
$conf['menu']['always'] = false;
$conf['menu']['links']['help'] = 'all';
$conf['menu']['links']['options'] = 'authenticated';
$conf['menu']['links']['problem'] = 'never';
$conf['menu']['links']['login'] = 'all';
$conf['menu']['links']['logout'] = 'authenticated';
$conf['hooks']['permsdenied'] = false;
$conf['hooks']['username'] = false;
$conf['hooks']['preauthenticate'] = true;
$conf['hooks']['postauthenticate'] = false;
$conf['hooks']['authldap'] = false;
$conf['hooks']['groupldap'] = false;
$conf['portal']['fixed_blocks'] = array('horde:weatherdotcom');
$conf['weatherdotcom']['partner_id'] = 'xxxxxxxx';
$conf['weatherdotcom']['license_key'] = 'xxxxxxxx';
$conf['accounts']['params']['host'] = '23.23.23.29';
$conf['accounts']['params']['port'] = 388;
$conf['accounts']['params']['basedn'] = 'c=IT';
$conf['accounts']['params']['binddn'] = 'brother';
$conf['accounts']['params']['password'] = 'syster';
$conf['accounts']['params']['attr'] = 'uid';
$conf['accounts']['params']['version'] = '3';
$conf['accounts']['params']['strip'] = false;
$conf['accounts']['driver'] = 'ldap';
$conf['user']['verify_from_addr'] = false;
$conf['imsp']['enabled'] = false;
$conf['kolab']['enabled'] = false;
$conf['memcache']['hostspec'] = array('23.23.23.23', '23.23.23.24',  
'23.23.23.25', '23.23.23.26', '23.23.23.27');
$conf['memcache']['port'] = array('11211', '11211', '11211', '11211',  
'11211');
$conf['memcache']['weight'] = array('1', '1', '1', '1', '1');
$conf['memcache']['persistent'] = true;
$conf['memcache']['compression'] = false;
$conf['memcache']['large_items'] = true;
$conf['memcache']['enabled'] = true;
/* CONFIG END. DO NOT CHANGE ANYTHING IN OR BEFORE THIS LINE. */

I see that logout works if I use memcache as custom session handler.
I thank you very much
Best Regards
marco

More information about the bugs mailing list