Item567: LoginManager not working with IP matching because of code error in Foswiki's interface to CGI::Session

Priority: CurrentState: AppliesTo: Component: WaitingFor:
Urgent Closed Engine   Main.KennethLavrsen
Transferred from TWikibug:Item6158 by KennethLavrsen


I'm in the process of upgrading from TWiki 4.0.4 to TWiki 4.2.4 and ran into an error when testing the PublishContrib. Note that although I only see problems with PublishContrib I don't think it's actually related to the code in there. The error I see is:

 ERROR: WebHome not published: "-ip_match" is
not exported by the CGI::Session module
Can't continue after import errors at (eval 125) line 1
BEGIN failed--compilation aborted at (eval 125) line 1. at (eval 125)
line 1 eval 'use CGI::Session qw(-ip_match); use CGI::Cookie
;' called at /var/www/html/twiki/lib/TWiki/LoginManager.pm line 123
TWiki::LoginManager::makeLoginManager('TWiki=HASH(0x1cfd2b0)') called
at /var/www/html/twiki/lib/TWiki/Users.pm line 110
TWiki::Users::new('TWiki::Users', 'TWiki=HASH(0x1cfd2b0)') called at
/var/www/html/twiki/lib/TWiki.pm line 1294 TWiki::new('TWiki',
'TWikiAdminUser', 'CGI=HASH(0x518e90)') called at
/var/www/html/twiki/lib/TWiki/Contrib/Publish.pm line 605
TWiki::Contrib::Publish::publishTopic('TWiki::Contrib::Publish=HASH(0x19e6eb0)',
'WebHome', '.html', 'view',
'\x{a}%TEXT%\x{a}---\x{a}%META{"form}%\x{a}---\x{a}%META{"attachments"}%\x{a}',
'HASH(0xac0760)') called at
/var/www/html/twiki/lib/TWiki/Contrib/Publish.pm line 548
TWiki::Contrib::Publish::__ANON__() called at
/var/www/html/twiki/lib/CPAN/lib//Error.pm line 379 eval {...} called
at /var/www/html/twiki/lib/CPAN/lib//Error.pm line 371
Error::subs::try('CODE(0x1ce2280)', 'HASH(0x1ce4280)') called at
/var/www/html/twiki/lib/TWiki/Contrib/Publish.pm line 556
TWiki::Contrib::Publish::publishUsingTemplate('TWiki::Contrib::Publish=HASH(0x19e6eb0)',
'view') called at /var/www/html/twiki/lib/TWiki/Contrib/Publish.pm line
424
TWiki::Contrib::Publish::publishWeb('TWiki::Contrib::Publish=HASH(0x19e6eb0)',
'WebHome') called at /var/www/html/twiki/lib/TWiki/Contrib/Publish.pm
line 61 TWiki::Contrib::Publish::publish('TWiki=HASH(0x523c10)') called
at /var/www/html/twiki/lib/TWiki/UI.pm line 159 TWiki::UI::__ANON__()
called at /var/www/html/twiki/lib/CPAN/lib//Error.pm line 379 eval
{...} called at /var/www/html/twiki/lib/CPAN/lib//Error.pm line 371
Error::subs::try('CODE(0x506410)', 'HASH(0x19e6cb0)') called at
/var/www/html/twiki/lib/TWiki/UI.pm line 197
TWiki::UI::run('CODE(0x781bf0)') called

My new web server is a clone of the existing system and is running RHEL 4 Update 7. I have the CGI::Session from perl-CGI-Session-4.00_08-1.2.el4.rf installed from http://dag.wieers.com/rpm/packages/perl-CGI-Session/ (like others I've fallen foul of the fact that later versions require postrgres....)

Observations/Issues:
  • The error goes away if I remove the perl-CGI-Session RPM and drop back to the version of CGI::Session distributed with 4.2.4 I don't see anything in the Upgrade guides documenting the fact that CGI::Session is distributed with 4.2.4 and that people might like to review their usage of older CGI::Session installations
  • The installation guide implies that any version of CGI::Session >= 3.95 is usable, however, the use of -ip_match doesn't appear to be in the version of CGI::Session that I'm using (4.00_08); hence the requirement appears to be at least that
  • There is a typo in the use of ip_match in LoginManager.pm - the code has -ip-match, not -ip_match as expected by CGI::Session
  • LoginManager.pm does a test for the version of CG::Session (ca. line 304). This generates many errors when I have the RPM version installed as it complains that the argument 4.00_08 is not numeric
Clearly I have a straightforward resolution for my current problems. However, I definitely think there are some issues with the documentation and there is at least one bug in LoginManager.pm which will stop the IP match check working as advertised (BTW, I don't see any documentation of or any way of changing the other session related variables in LocalSite.cfg)

-- TWiki:Main/MarkLoveridge - 24 Dec 2008

An old buggy CGI-Session we cannotg do much about but we should at least fix the code error he talks about.

Need to verify that he is right naturally

He is right

I will fix.

I will also find out when -ip_match was introduced in CGI::Session so we get the right version dependency.

On CGI::Session versions. 3.95 had -ip_match.

His 4.00_08 is a development version and in that it appears missing.

In the real 4.00 it was back. So running with a dev version of a CPAN lib seems to be something we should not trouble ourselves with documenting.

I will check in the code fix and set waiting for release.

ItemTemplate edit

Summary LoginManager not working with IP matching because of code error in Foswiki's interface to CGI::Session
ReportedBy TWiki:Main/MarkLoveridge
Codebase trunk
SVN Range TWiki-4.2.3, Wed, 06 Aug 2008, build 17396
AppliesTo Engine
Component
Priority Urgent
CurrentState Closed
WaitingFor KennethLavrsen
Checkins Foswikirev:1569
TargetRelease patch
ReleasedIn 1.0.0
Topic revision: r3 - 08 Jan 2009, KwangErnLiew
 
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. see CopyrightStatement. Creative Commons License