Defect #1041

login problem with 2 redmine installation on the same server

Added by Gilles Ballanger over 13 years ago. Updated over 13 years ago.

Status:ClosedStart date:2008-04-10
Priority:NormalDue date:
Assignee:-% Done:

0%

Category:Accounts / authentication
Target version:-
Resolution: Affected version:

Description

Hello,

We have a strange behavior with a specific installation on our LAN.
To make evaluation of a new version we install 2 redmine site with the following URL:
url1://redmine/eval
url2://redmine/prod
The problem occur when after a successful admin login on url1://redmine/eval we change the URL by hand to url2://redmine/prod then we automatically gain the admin login but on the other site (password are not the same on the 2 site for admin). Equal behaviour with other user except that we gain the login of an other user.

we also have problem when adding url corresponding to "eval" in a "prod" news. When user click on the link this generate an internal server error.

It's surely an error from our side to install twice redmine on the same server but perhaps other peoples have made this mistake.

History

#1 Updated by Jean-Philippe Lang over 13 years ago

First, you need to set 2 different cookie names for your redmine instances since they are accessed with the same host name.
For example, add the following line in config/environment.rb (after line 71):

ActionController::Base.session_options[:session_key] = "redmine_eval"

I think a good solution would be to use 2 virtual hosts.

we automatically gain the admin login but on the other site

Do you use the default session storing method (on the file system in tmp/sessions) ? Or do you use cookie store ?
Do your 2 install share the same tmp directory ?

When user click on the link this generate an internal server error.

Can you give the url that is behind this link ?

#2 Updated by Gilles Ballanger over 13 years ago

I think a good solution would be to use 2 virtual hosts.

it's effectively our choice to solve the problem

Do you use the default session storing method (on the file system in tmp/sessions) ?

apparently yes

Do your 2 install share the same tmp directory ?

Yes. The /tmp directory have a huge number of file with name like this ruby_sess.ff7af55ce89a05e9

Can you give the url that is behind this link ?

The exact situation is:
a news at "http://redmine/prod/news/show/20":// contain this text:

use "this page":http://redmine/eval/projects/1/issues to add bug or features request

the result page is:
<title>redMine 500 error</title>
  ...
<h1>Internal error</h1>
<p>An error occurred on the page you were trying to access.<br />
If you continue to experience problems please contact your redMine administrator for assistance.</p>
<p>...

#3 Updated by Jean-Philippe Lang over 13 years ago

Can you post the error log please ?

#4 Updated by Gilles Ballanger over 13 years ago

Here is the log of the "eval" site product when the redMine error 500 occur:

ActiveRecord::RecordNotFound (Couldn't find User with ID=6):
    /home/redmine/site/atebuilder/V0.6.4_modified/vendor/rails/activerecord/lib/active_record/base.rb:1031:in `find_one'
    /home/redmine/site/atebuilder/V0.6.4_modified/vendor/rails/activerecord/lib/active_record/base.rb:1014:in `find_from_ids'
    /home/redmine/site/atebuilder/V0.6.4_modified/vendor/rails/activerecord/lib/active_record/base.rb:419:in `find'
    /home/redmine/site/atebuilder/V0.6.4_modified/app/controllers/application.rb:34:in `user_setup'
    /home/redmine/site/atebuilder/V0.6.4_modified/vendor/rails/actionpack/lib/action_controller/filters.rb:469:in `send'
    /home/redmine/site/atebuilder/V0.6.4_modified/vendor/rails/actionpack/lib/action_controller/filters.rb:469:in `call'
    /home/redmine/site/atebuilder/V0.6.4_modified/vendor/rails/actionpack/lib/action_controller/filters.rb:442:in `run'
    /home/redmine/site/atebuilder/V0.6.4_modified/vendor/rails/actionpack/lib/action_controller/filters.rb:714:in `run_before_filters'
    /home/redmine/site/atebuilder/V0.6.4_modified/vendor/rails/actionpack/lib/action_controller/filters.rb:694:in `call_filters'
    /home/redmine/site/atebuilder/V0.6.4_modified/vendor/rails/actionpack/lib/action_controller/filters.rb:688:in `perform_action_without_benchmark'
    /home/redmine/site/atebuilder/V0.6.4_modified/vendor/rails/actionpack/lib/action_controller/benchmarking.rb:66:in `perform_action_without_rescue'
    /usr/lib/ruby/1.8/benchmark.rb:293:in `measure'
    /home/redmine/site/atebuilder/V0.6.4_modified/vendor/rails/actionpack/lib/action_controller/benchmarking.rb:66:in `perform_action_without_rescue'
    /home/redmine/site/atebuilder/V0.6.4_modified/vendor/rails/actionpack/lib/action_controller/rescue.rb:83:in `perform_action'
    /home/redmine/site/atebuilder/V0.6.4_modified/vendor/rails/actionpack/lib/action_controller/base.rb:435:in `send'
    /home/redmine/site/atebuilder/V0.6.4_modified/vendor/rails/actionpack/lib/action_controller/base.rb:435:in `process_without_filters'
    /home/redmine/site/atebuilder/V0.6.4_modified/vendor/rails/actionpack/lib/action_controller/filters.rb:684:in `process_without_session_management_support'
    /home/redmine/site/atebuilder/V0.6.4_modified/vendor/rails/actionpack/lib/action_controller/session_management.rb:114:in `process'
    /home/redmine/site/atebuilder/V0.6.4_modified/vendor/rails/actionpack/lib/action_controller/base.rb:334:in `process'
    /home/redmine/site/atebuilder/V0.6.4_modified/vendor/rails/railties/lib/dispatcher.rb:41:in `dispatch'
    /home/redmine/site/atebuilder/V0.6.4_modified/vendor/rails/railties/lib/fcgi_handler.rb:168:in `process_request'
    /home/redmine/site/atebuilder/V0.6.4_modified/vendor/rails/railties/lib/fcgi_handler.rb:143:in `process_each_request!'
    /home/redmine/site/atebuilder/V0.6.4_modified/vendor/rails/railties/lib/fcgi_handler.rb:109:in `with_signal_handler'
    /home/redmine/site/atebuilder/V0.6.4_modified/vendor/rails/railties/lib/fcgi_handler.rb:142:in `process_each_request!'
    /usr/lib/ruby/1.8/fcgi.rb:612:in `each_cgi'
    /usr/lib/ruby/1.8/fcgi.rb:609:in `each'
    /usr/lib/ruby/1.8/fcgi.rb:609:in `each_cgi'
    /home/redmine/site/atebuilder/V0.6.4_modified/vendor/rails/railties/lib/fcgi_handler.rb:141:in `process_each_request!'
    /home/redmine/site/atebuilder/V0.6.4_modified/vendor/rails/railties/lib/fcgi_handler.rb:55:in `process!'
    /home/redmine/site/atebuilder/V0.6.4_modified/vendor/rails/railties/lib/fcgi_handler.rb:25:in `process!'
    /home/redmine/site/atebuilder/V0.6.4_modified/public/dispatch.fcgi:24

#5 Updated by Jean-Philippe Lang over 13 years ago

  • Status changed from New to Closed

This error is raised because the user id stored in the session is invalid. Note that you wouldn't get a 500 error with latest trunk.

Do you use the default session storing method (on the file system in tmp/sessions) ?

apparently yes

Session storage must not be shared between 2 instances. A user how logs in on an instance would be recognized as the user with the same id on the other instance!

Also available in: Atom PDF