Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Catalyst: Users

Invalid session ids being generated

  

 
Catalyst users RSS feed   Index | Next | Previous | View Threaded


rpack at genares

May 7, 2008, 3:38 PM

Post #1 of 8 (354 views)
Permalink
Invalid session ids being generated
My Catalyst app is using Session::State::Cookie, Session::State::URI,
and Session::Store::DBIC. We recently started using the param option in
Session::State::URI. We were tacking the session id onto the base URL
but now it is being included as a parameter. Anyways, when you first
make a request, a cookie is set with a valid session_id but uri_for
returns the url with a totally different session id which doesn't even
exist in the database. We are including the uri_for generated url for
form actions and links, etc. in our templates in case cookies are
disabled. Has anyone seen this before?



Ryan Pack

Programmer

Genares Worldwide Reservations

P. 817-722-2834

F. 817-442-0600


rpack at genares

May 7, 2008, 7:24 PM

Post #2 of 8 (336 views)
Permalink
RE: Invalid session ids being generated [In reply to]
I forgot to include the error in the log:



FastCGI: server "/u/lxlib/BookingEngine/script/bookingengine_fastcgi.pl"
stderr: [error] Caught exception in engine
"DBIx::Class::Relationship::CascadeActions::update(): Can't update
BookingEngine::Model::DBIC::BE::Session=HASH(0xd3f2620): row not found
at
/usr/lib/perl5/site_perl/5.8.5/Catalyst/Plugin/Session/Store/DBIC/Delega
te.pm line 85"



Ryan Pack

Programmer

Genares Worldwide Reservations

P. 817-722-2834

F. 817-442-0600

________________________________

From: Ryan Pack [mailto:rpack[at]genares.com]
Sent: Wednesday, May 07, 2008 5:38 PM
To: catalyst[at]lists.scsys.co.uk
Subject: [Catalyst] Invalid session ids being generated



My Catalyst app is using Session::State::Cookie, Session::State::URI,
and Session::Store::DBIC. We recently started using the param option in
Session::State::URI. We were tacking the session id onto the base URL
but now it is being included as a parameter. Anyways, when you first
make a request, a cookie is set with a valid session_id but uri_for
returns the url with a totally different session id which doesn't even
exist in the database. We are including the uri_for generated url for
form actions and links, etc. in our templates in case cookies are
disabled. Has anyone seen this before?



Ryan Pack

Programmer

Genares Worldwide Reservations

P. 817-722-2834

F. 817-442-0600


rpack at genares

May 8, 2008, 9:59 AM

Post #3 of 8 (327 views)
Permalink
RE: Invalid session ids being generated [In reply to]
Ok, I think I have enough information to explain the problem better.
When a request is made to the app a session id is created in the db but
there is no session data and the expires field is null. The cookie is
set with that session id. When you make a subsequent request, the error
below is logged and the first session id is deleted automatically. A
new session id is created and this time session data is populated as
well as expires. A new cookie is set with the good session id and all
is well. I am going to dig into why the first session created is
invalid, but I'm rather new to Catalyst and I can use any suggestions
you can offer. Thanks!



Ryan Pack

Programmer

Genares Worldwide Reservations

P. 817-722-2834

F. 817-442-0600

________________________________

From: Ryan Pack [mailto:rpack[at]genares.com]
Sent: Wednesday, May 07, 2008 9:25 PM
To: The elegant MVC web framework
Subject: RE: [Catalyst] Invalid session ids being generated



I forgot to include the error in the log:



FastCGI: server "/u/lxlib/BookingEngine/script/bookingengine_fastcgi.pl"
stderr: [error] Caught exception in engine
"DBIx::Class::Relationship::CascadeActions::update(): Can't update
BookingEngine::Model::DBIC::BE::Session=HASH(0xd3f2620): row not found
at
/usr/lib/perl5/site_perl/5.8.5/Catalyst/Plugin/Session/Store/DBIC/Delega
te.pm line 85"



Ryan Pack

Programmer

Genares Worldwide Reservations

P. 817-722-2834

F. 817-442-0600

________________________________

From: Ryan Pack [mailto:rpack[at]genares.com]
Sent: Wednesday, May 07, 2008 5:38 PM
To: catalyst[at]lists.scsys.co.uk
Subject: [Catalyst] Invalid session ids being generated



My Catalyst app is using Session::State::Cookie, Session::State::URI,
and Session::Store::DBIC. We recently started using the param option in
Session::State::URI. We were tacking the session id onto the base URL
but now it is being included as a parameter. Anyways, when you first
make a request, a cookie is set with a valid session_id but uri_for
returns the url with a totally different session id which doesn't even
exist in the database. We are including the uri_for generated url for
form actions and links, etc. in our templates in case cookies are
disabled. Has anyone seen this before?



Ryan Pack

Programmer

Genares Worldwide Reservations

P. 817-722-2834

F. 817-442-0600


dwc at pobox

May 8, 2008, 11:59 AM

Post #4 of 8 (327 views)
Permalink
Re: Invalid session ids being generated [In reply to]
On 2008-05-07 17:38:12 -0500, Ryan Pack wrote:
> My Catalyst app is using Session::State::Cookie,
> Session::State::URI, and Session::Store::DBIC. We recently started
> using the param option in Session::State::URI. We were tacking the
> session id onto the base URL but now it is being included as a
> parameter. Anyways, when you first make a request, a cookie is set
> with a valid session_id but uri_for returns the url with a totally
> different session id which doesn't even exist in the database.

Please send the output of a full request cycle using the debug flag.
For example, with the built-in server:

DBIC_TRACE=1 ./script/*server.pl -r -d

I'm not sure that using two Session::State plugins is recommended. At
the very least, have you set the no_rewrite_if_cookie flag for
Session::State::URI?

--
Daniel Westermann-Clark

_______________________________________________
List: Catalyst[at]lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst[at]lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


rpack at genares

May 8, 2008, 4:02 PM

Post #5 of 8 (325 views)
Permalink
RE: Invalid session ids being generated [In reply to]
I was able to fix it by downgrading Catalyst::Plugin::Session. We were
on 0.13 until I upgraded to .19 (latest) along with a bunch of other
Catalyst modules. Just as a last resort before I downgraded everything
back to the way it was I tried just downgrading
Catalyst::Plugin::Session and it worked! Woohoo!

Ryan Pack

Programmer

Genares Worldwide Reservations

P. 817-722-2834

F. 817-442-0600


-----Original Message-----
From: Daniel Westermann-Clark [mailto:dwc[at]pobox.com]
Sent: Thursday, May 08, 2008 2:00 PM
To: The elegant MVC web framework
Subject: Re: [Catalyst] Invalid session ids being generated

On 2008-05-07 17:38:12 -0500, Ryan Pack wrote:
> My Catalyst app is using Session::State::Cookie,
> Session::State::URI, and Session::Store::DBIC. We recently started
> using the param option in Session::State::URI. We were tacking the
> session id onto the base URL but now it is being included as a
> parameter. Anyways, when you first make a request, a cookie is set
> with a valid session_id but uri_for returns the url with a totally
> different session id which doesn't even exist in the database.

Please send the output of a full request cycle using the debug flag.
For example, with the built-in server:

DBIC_TRACE=1 ./script/*server.pl -r -d

I'm not sure that using two Session::State plugins is recommended. At
the very least, have you set the no_rewrite_if_cookie flag for
Session::State::URI?

--
Daniel Westermann-Clark

_______________________________________________
List: Catalyst[at]lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive:
http://www.mail-archive.com/catalyst[at]lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/

_______________________________________________
List: Catalyst[at]lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst[at]lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


Alexander.Hartmaier at t-systems

May 9, 2008, 7:49 AM

Post #6 of 8 (317 views)
Permalink
RE: Invalid session ids being generated [In reply to]
Delete the session cache file!
I had a similar problem.

-Alex


-----Original Message-----
From: Ryan Pack [mailto:rpack[at]genares.com]
Sent: Friday, May 09, 2008 1:03 AM
To: The elegant MVC web framework
Subject: RE: [Catalyst] Invalid session ids being generated

I was able to fix it by downgrading Catalyst::Plugin::Session. We were
on 0.13 until I upgraded to .19 (latest) along with a bunch of other
Catalyst modules. Just as a last resort before I downgraded everything
back to the way it was I tried just downgrading
Catalyst::Plugin::Session and it worked! Woohoo!

Ryan Pack

Programmer

Genares Worldwide Reservations

P. 817-722-2834

F. 817-442-0600


-----Original Message-----
From: Daniel Westermann-Clark [mailto:dwc[at]pobox.com]
Sent: Thursday, May 08, 2008 2:00 PM
To: The elegant MVC web framework
Subject: Re: [Catalyst] Invalid session ids being generated

On 2008-05-07 17:38:12 -0500, Ryan Pack wrote:
> My Catalyst app is using Session::State::Cookie,
> Session::State::URI, and Session::Store::DBIC. We recently started
> using the param option in Session::State::URI. We were tacking the
> session id onto the base URL but now it is being included as a
> parameter. Anyways, when you first make a request, a cookie is set
> with a valid session_id but uri_for returns the url with a totally
> different session id which doesn't even exist in the database.

Please send the output of a full request cycle using the debug flag.
For example, with the built-in server:

DBIC_TRACE=1 ./script/*server.pl -r -d

I'm not sure that using two Session::State plugins is recommended. At
the very least, have you set the no_rewrite_if_cookie flag for
Session::State::URI?

--
Daniel Westermann-Clark

_______________________________________________
List: Catalyst[at]lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive:
http://www.mail-archive.com/catalyst[at]lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/

_______________________________________________
List: Catalyst[at]lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst[at]lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/

*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*
T-Systems Austria GesmbH Rennweg 97-99, 1030 Wien
Handelsgericht Wien, FN 79340b
*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*
Notice: This e-mail contains information that is confidential and may be privileged.
If you are not the intended recipient, please notify the sender and then delete this e-mail immediately.
*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*


jon at jrock

May 10, 2008, 6:38 PM

Post #7 of 8 (295 views)
Permalink
Re: Invalid session ids being generated [In reply to]
* On Fri, May 09 2008, Hartmaier Alexander wrote:
> Delete the session cache file!
> I had a similar problem.
>
> -Alex
>
>
> -----Original Message-----
> From: Ryan Pack [mailto:rpack[at]genares.com]
> Sent: Friday, May 09, 2008 1:03 AM
> To: The elegant MVC web framework
> Subject: RE: [Catalyst] Invalid session ids being generated
>
> I was able to fix it by downgrading Catalyst::Plugin::Session. We were
> on 0.13 until I upgraded to .19 (latest) along with a bunch of other
> Catalyst modules. Just as a last resort before I downgraded everything
> back to the way it was I tried just downgrading
> Catalyst::Plugin::Session and it worked! Woohoo!

Both of these sound like fragile workarounds. If you guys can do a bit
more digging, I would appreciate it. It would be good to actually fix
the problems, after all.

Regards,
Jonathan Rockway

--
print just => another => perl => hacker => if $,=$"

_______________________________________________
List: Catalyst[at]lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst[at]lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


rpack at genares

May 12, 2008, 8:06 AM

Post #8 of 8 (281 views)
Permalink
RE: Invalid session ids being generated [In reply to]
The problem is I was not able to duplicate this on our development or
test servers. Only on production and unfortunately we don't have time
right now to set up a duplicate site on production for debugging this
issue. The code is the same, the only differences are we use a load
balancer with 3 web servers and use mysql replication. If we can get
caught up I may spend some more time on it.

Ryan Pack

Programmer

Genares Worldwide Reservations

P. 817-722-2834

F. 817-442-0600


-----Original Message-----
From: Jonathan Rockway [mailto:jon[at]jrock.us]
Sent: Saturday, May 10, 2008 8:39 PM
To: The elegant MVC web framework
Subject: Re: [Catalyst] Invalid session ids being generated

* On Fri, May 09 2008, Hartmaier Alexander wrote:
> Delete the session cache file!
> I had a similar problem.
>
> -Alex
>
>
> -----Original Message-----
> From: Ryan Pack [mailto:rpack[at]genares.com]
> Sent: Friday, May 09, 2008 1:03 AM
> To: The elegant MVC web framework
> Subject: RE: [Catalyst] Invalid session ids being generated
>
> I was able to fix it by downgrading Catalyst::Plugin::Session. We
were
> on 0.13 until I upgraded to .19 (latest) along with a bunch of other
> Catalyst modules. Just as a last resort before I downgraded
everything
> back to the way it was I tried just downgrading
> Catalyst::Plugin::Session and it worked! Woohoo!

Both of these sound like fragile workarounds. If you guys can do a bit
more digging, I would appreciate it. It would be good to actually fix
the problems, after all.

Regards,
Jonathan Rockway

--
print just => another => perl => hacker => if $,=$"

_______________________________________________
List: Catalyst[at]lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive:
http://www.mail-archive.com/catalyst[at]lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/

_______________________________________________
List: Catalyst[at]lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst[at]lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/

Catalyst users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact lists@gossamer-threads.com
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.