limit session size
Bug #1843199 reported by
Paul Collins
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Canonical SSO provider |
Fix Released
|
Undecided
|
Maximiliano Bertacchini |
Bug Description
On Friday SSO experienced an outage due to space exhaustion on the database servers: https:/
This was caused by a Web spider initiating and not completing logins in a short space of time, similar to LP:1779269. However, this occurred in such a short amount of time that the 24h threshold was not reached.
Related branches
lp://staging/~maxiberta/canonical-identity-provider/openid-session-limit
- Daniel Manrique (community): Approve
-
Diff: 188 lines (+93/-8)3 files modifieddjango_project/settings_base.py (+2/-1)
src/identityprovider/tests/test_views_server.py (+60/-5)
src/identityprovider/views/server.py (+31/-2)
lp://staging/~maxiberta/canonical-identity-provider/charm-add-openid-session-limit
- Daniel Manrique (community): Approve
-
Diff: 28 lines (+7/-0)2 files modifiedconfig.yaml (+4/-0)
templates/settings.py.j2 (+3/-0)
Changed in canonical-identity-provider: | |
status: | New → In Progress |
assignee: | nobody → Maximiliano Bertacchini (maxiberta) |
Changed in canonical-identity-provider: | |
status: | In Progress → Fix Committed |
To post a comment you must log in.
As a workaround, we added the following constraint:
ALTER TABLE django_session ADD CONSTRAINT pjdc_wgrant_ cowboy_ no_large_ sessions CHECK (length( session_ data) < 2000000) NOT VALID;
This can probably removed once a code fix is live.