Skip to main content

Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

    •  
      request #23452 Doing REST or Webdav operations with Basic Auth should not create a "long session"
    Actions
    Infos
    #23452
    Thomas Gerbet (tgerbet)
    2021-10-20 10:12
    2021-10-19 13:14
    25002
    Details
    Doing REST or Webdav operations with Basic Auth should not create a "long session"

    Every time a user authenticated with a Basic Auth header calls the REST API or do a Webdav information, Tuleap generates a "long session" and store the information in the session table. It can lead to a massive session which in turn can lead to performance issues.

    There is no need to create such a session in this situation since the authentication is only supposed to live for the duration of the request.

    Other
    All
    Empty
    • [ ] enhancement
    • [ ] internal improvement
    Empty
    Stage
    Thomas Gerbet (tgerbet)
    Closed
    2021-10-19
    Attachments
    Artifact links

    Releases

    Fixed in

    Artifact ID Project Tracker Summary Status Last Update Date Submitted By Assigned to
    rel #22713 Tuleap Releases 13.2 Delivered 2021-11-10 15:01 Manuel Vacelet (vaceletm)
    Empty
    References
    Referencing request #23452

    Git commit

    tuleap/tuleap/stable

    Merge commit 'refs/changes/91/24291/1' of ssh://gerrit.tuleap.net:29418/tuleap into HEAD 87415fc607
    User avatar Nicolas Terray (nterray) , 2021-10-19 16:52
    request #23452: Doing REST or Webdav operations with Basic Auth should not create a "long session" 2c1c662882
    User avatar Thomas Gerbet (tgerbet) , 2021-10-19 13:49
    Clear the `session` table to avoid issues with a massive table cb97633fd9
    User avatar Thomas Gerbet (tgerbet) , 2021-10-20 09:40
    Referenced by request #23452

    Artifact Tracker v5

    rel #22713 13.2

    Other

    gerrit #24291
    gerrit #24298
    Display settings

    Follow-ups