Code

Opened 3 years ago

Closed 3 years ago

#15712 closed (needsinfo)

authentication switching mid-session

Reported by: ccurvey Owned by: nobody
Component: Uncategorized Version: 1.2
Severity: Keywords:
Cc: Triage Stage: Unreviewed
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: UI/UX:

Description

When my Django system is under heavy load (system CPU > 90%), I start getting complaints to users that their authentication changes in the middle of a session. For example:

1) Bob logs in to the site. The site says "Hello Bob" at the top of each page.

2) Bob uses the site for a while without incident

3) Bob notices that the top of the page now says "Hello Steve".

The problem is intermittent, and I can't duplicate it (but I have seen it with my own eyes). I'm running Django 1.2.5 on Windows, with SessionMiddleware installed. I have django.contrib.sessions in my INSTALLED_APPS, and I believe that I'm using database-backed sessions, with a MySQL database.

The only "odd" thing that I'm doing is that I have four instances of Apache running, with my Django app running via mod_wsgi in each of them. There is another apache server in front that does load-balancing, so multiple requests from a single user may get routed to different apache instances (which is what I want, to get maximum throughput on Ajax calls). But I thought that having the sessions be database-backed would deal with this (multiple session requests can hit the database at the same time).

Any thoughts? I'm sorry this is such a lousy, unrepeatable case.

Attachments (0)

Change History (1)

comment:1 Changed 3 years ago by russellm

  • Needs documentation unset
  • Needs tests unset
  • Patch needs improvement unset
  • Resolution set to needsinfo
  • Status changed from new to closed

I'm going to mark this as closed:needsinfo, because this isn't an actionable task -- yet.

Trac isn't the place for diagnosing problems; it's the place to log clearly identifiable issues that can be resolved. At the moment, we don't even know if it is your code or Django that is the problem (for example, some sort of problem with your usage of caching might be the root cause).

So -- start a discussion on django-users and try to narrow down the problem; if the result of that discussion is a clear bug in Django, feel free to reopen this ticket.

Add Comment

Modify Ticket

Change Properties
<Author field>
Action
as closed
as The resolution will be set. Next status will be 'closed'
The resolution will be deleted. Next status will be 'new'
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.