mahara-contributors team mailing list archive

Thread
Date

[Bug 1792272] Re: Enhance Memcached & Redis session storage functionality for both Mahara & SAML authentication

To: mahara-contributors@xxxxxxxxxxxxxxxxxxx
From: Robert Lyon <robertl@xxxxxxxxxxxxxxx>
Date: Wed, 26 Sep 2018 22:53:11 -0000
Reply-to: Bug 1792272 <1792272@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

We've fixed the issues with point 2 and 3 with patches 9042 and 9132

I'll make a new bug report for point 1 "Clean up session duplication
between auth/session and auth/saml"

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
Matching subscriptions: Subscription for all Mahara Contributors -- please ask on #mahara-dev or mahara.org forum before editing or unsubscribing it!
https://bugs.launchpad.net/bugs/1792272

Title:
  Enhance Memcached & Redis session storage functionality for both
  Mahara & SAML authentication

Status in Mahara:
  Fix Committed

Bug description:
  We believe that following enhancements and fixing identified issues
  will make session handling more robust. We have already implemented
  some of these enhancements and most probably next month will be
  sending over patches once we complete all these suggested
  enhancements.

  1.      Duplication with slight differences

  -       The Memcached and Redis session storage functionality is
  duplicated with slight differences in auth/session.php and
  auth/saml/lib.php which can be combined into session.php and can be
  called from there. For server configs, it relies on the main
  config.php.

  2.      Memcached server connectivity test is broken on RHEL 7 or
  newer systems

  -       session.php uses nc utility with option –z (link to Linux ncat
  utility) to check server connectivity which should be avoided and it
  is already broken on RedHat 7.x or higher system where –Z option is no
  longer available and it fails yet allowed to go past this point
  without any error message

  -       This can be avoided using fsockopen which we have already
  implemented as a separate function in web.php which can be used for
  this sort of purposes.

  +
  +/**
  + * Is the host reachable on specified port
  + *
  + * @param string    $host    The host to check
  + * @param string    $port    The port to check
  + *
  + * @return bool
  + */
  +function host_reachable($host, $port) {
  +   $fp = fsockopen($host, $port);
  +
  +   if($fp) {
  +       fclose ($fp);
  +       return true;
  +    } else {
  +       return false;
  +    }
  +}

  -       Implement Memcached connection check function in session.php
  within is_memcache_configured using Memcached::getVersion which
  returns vrsion on success and string(11) "255.255.255" if fails. Or
  using something similar.

  3.      SAML authentication plugin still uses obsolete extension
  memcache

  - auth/saml still uses memcache extension despite it is obsolete and
  on the other hand, Mahara throws an error message in session.php if it
  detects memcache. We have fixed this issue for our implementation and
  it is now using memcached extension

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/1792272/+subscriptions

References

[Bug 1792272] [NEW] Enhance Memcached & Redis session storage functionality for both Mahara & SAML authentication
From: Yaju Mahida, 2018-09-13