Apache OpenID

apache-openid returns 500 error message on access to a protected resource

Bug #455510 reported by Andrew Glen-Young
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Apache OpenID
Fix Released
High
Unassigned

Bug Description

Accessing https://directory.canonical.com/ with "older" cookies returns an application error preventing someone from logging in.
Unfortunately, I cannot reproduce as I do not have an older cookie.

What I expect to happen:

 1. Gain access to the protected resource.

What actually happens:

 1. Apache returns a 500 error message.

How to reproduce:

 1. Access the directory with an older cookie (unfortunately I don't know what the cookie contents look like).

More information:

Below is the information that I have mined from our Apache logs with the request and the relevant error message that is returned.

Apache request:

xxx.xxx.xxx.xxx - - [19/Oct/2009:15:57:27 +0100] "GET / HTTP/1.1" 500 1308 "-" "Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.3) Gecko/20091007 Ubuntu/9.10 (karmic) Firefox/3.5.3"

The traceback follows below:

[Mon Oct 19 09:57:32 2009] [error] [client xxx.xxx.xxx.xxx] mod_python (pid=29107, interpreter='directory.canonical.com', phase='PythonAccessHandler', handler='mpopenid::protect'): Application error
[Mon Oct 19 09:57:32 2009] [error] [client xxx.xxx.xxx.xxx] ServerName: 'directory.canonical.com'
[Mon Oct 19 09:57:32 2009] [error] [client xxx.xxx.xxx.xxx] DocumentRoot: '/htdocs'
[Mon Oct 19 09:57:32 2009] [error] [client xxx.xxx.xxx.xxx] URI: '/'
[Mon Oct 19 09:57:32 2009] [error] [client xxx.xxx.xxx.xxx] Location: '/'
[Mon Oct 19 09:57:33 2009] [error] [client xxx.xxx.xxx.xxx] Directory: None
[Mon Oct 19 09:57:33 2009] [error] [client xxx.xxx.xxx.xxx] Filename: '/htdocs'
[Mon Oct 19 09:57:33 2009] [error] [client xxx.xxx.xxx.xxx] PathInfo: '/'
[Mon Oct 19 09:57:33 2009] [error] [client xxx.xxx.xxx.xxx] Traceback (most recent call last):
[Mon Oct 19 09:57:33 2009] [error] [client xxx.xxx.xxx.xxx] File "/usr/lib/python2.5/site-packages/mod_python/importer.py", line 1537, in HandlerDispatch\n default=default_handler, arg=req, silent=hlist.silent)
[Mon Oct 19 09:57:33 2009] [error] [client xxx.xxx.xxx.xxx] File "/usr/lib/python2.5/site-packages/mod_python/importer.py", line 1229, in _process_target\n result = _execute_target(config, req, object, arg)
[Mon Oct 19 09:57:33 2009] [error] [client xxx.xxx.xxx.xxx] File "/usr/lib/python2.5/site-packages/mod_python/importer.py", line 1128, in _execute_target\n result = object(arg)
[Mon Oct 19 09:57:33 2009] [error] [client xxx.xxx.xxx.xxx] File "/usr/lib/python2.5/site-packages/mpopenid.py", line 34, in protect\n return oid_req.protect()
[Mon Oct 19 09:57:33 2009] [error] [client xxx.xxx.xxx.xxx] File "/usr/lib/python2.5/site-packages/mpopenid.py", line 1252, in protect\n ', '.join(self.cookied_teams))
[Mon Oct 19 09:57:33 2009] [error] [client xxx.xxx.xxx.xxx] File "/usr/lib/python2.5/site-packages/mpopenid.py", line 272, in __getattr__\n val = func()
[Mon Oct 19 09:57:33 2009] [error] [client xxx.xxx.xxx.xxx] File "/usr/lib/python2.5/site-packages/mpopenid.py", line 360, in get_cookied_teams\n for team in team_cache.keys():
[Mon Oct 19 09:57:33 2009] [error] [client xxx.xxx.xxx.xxx] AttributeError: 'list' object has no attribute 'keys'

Revision history for this message
James Troup (elmo) wrote :

I added some debug code and found that when we traceback, team_cache
lookgs like this:

[Mon Oct 19 17:53:58 2009] [error] [client 555.555.555.555] MOOHAHA: [u'canonical']

But when it works, looks like this:

[Mon Oct 19 11:58:13 2009] [error] [client 555.555.555.555] MOOHAHA: {u'canonical': datetime.datetime(2009, 10, 19, 12, 58, 13, 378459)}, referer: https://directory.canonical.com/openid/login

Stuart Metcalfe (stuartmetcalfe)
Changed in apache-openid:
importance: Undecided → High
assignee: nobody → Stuart Metcalfe (stuartmetcalfe)
Revision history for this message
Stuart Metcalfe (stuartmetcalfe) wrote :

This should be fixed with the current version of python-apache-openid in lucid+

Changed in apache-openid:
assignee: Stuart Metcalfe (stuartmetcalfe) → nobody
Revision history for this message
Māris Fogels (mars) wrote :

I have looked over the code in the python-apache-openid-2.0 package and this bug appears to be resolved, so I am closing this bug as 'Fix Released'.

The original bug likely resulted from a change in the session database format. The 2.0 code line rewrote how the session database is handled, resolving this issue.

Changed in apache-openid:
status: New → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.