Yii Framework Forum: Multi-Server Authentication Failure with DB sessions - Yii Framework Forum

Jump to content

Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

Multi-Server Authentication Failure with DB sessions Rate Topic: -----

#1 User is offline   Brasuca 

  • Newbie
  • Yii
  • Group: Members
  • Posts: 15
  • Joined: 05-August 10
  • Location:Belo Horizonte, Brazil

Posted 17 May 2011 - 03:55 PM

Hi there.

This is not really a bug report but rather an esoteric behavior that I hope can help others save the time I spent debugging it.

I am implementing a scalable multi-server deployment of a Yii application (using haproxy as a round-robin load-balancer, no session affinity) and I took all the necessary/recommended steps:

1- Used DB sessions for session sharing;
2- Made sure the runtime folder contents is shared by all servers;

Nevertheless, I could not get authentication to function properly when submitting requests to different servers, although sessions and authentication cookies seemed to be working in the proper way.

So, after careful study of the framework, I found out that Yii stores authentication information in the session record by prefixing it with the application ID. However, this application ID depends on the base location of the application installation.

It turns out that indeed my application was installed in different locations on different servers and the ID was not matching. Therefore there is a third step to the list above:

3- Make sure your app is installed in the same folder throughout all servers.

Hope this saves your time!

Best
2

#2 User is offline   Rodrigo Coelho 

  • Master Member
  • PipPipPipPip
  • Yii
  • Group: Members
  • Posts: 664
  • Joined: 05-August 10
  • Location:Rio de Janeiro, Brazil

Posted 17 May 2011 - 04:12 PM

What about using CApplication::id?
Setting the same id in each server wouldn't help?
0

#3 User is offline   R2D2 

  • Newbie
  • Yii
  • Group: Members
  • Posts: 1
  • Joined: 09-January 13

Posted 09 January 2013 - 04:07 AM

View PostBrasuca, on 17 May 2011 - 03:55 PM, said:


It turns out that indeed my application was installed in different locations on different servers and the ID was not matching. Therefore there is a third step to the list above:

3- Make sure your app is installed in the same folder throughout all servers.

Hope this saves your time!

Best


Good suggestions! Thx!

Maybe there is another way.

in CWebUser , it's
public function setState($key,$value,$defaultValue=null)
{
$key=$this->getStateKeyPrefix().$key;
if($value===$defaultValue)
unset($_SESSION[$key]);
else
$_SESSION[$key]=$value;
}

public function getStateKeyPrefix()
{
if($this->_keyPrefix!==null)
return $this->_keyPrefix;
else
return $this->_keyPrefix=md5('Yii.'.get_class($this).'.'.Yii::app()->getId());
}

So, if we set same CWebUser prefixKey in protected/config/main.php, the session is shared by the key. just like following:

'components'=>array(
'user'=>array(
// enable cookie-based authentication
'allowAutoLogin'=>true,
'stateKeyPrefix'=>'justsameuser',
),
}
0

#4 User is offline   shreyas d 

  • Newbie
  • Yii
  • Group: Members
  • Posts: 7
  • Joined: 16-July 12

Posted 30 July 2013 - 02:13 AM

I am struggling to share session on multiple server.

My config file is as follows :


// application components
'components'=>array(
'user'=>array(
// enable cookie-based authentication
'allowAutoLogin'=>true,
'class'=>'application.components.WebUser',
'stateKeyPrefix'=>'justsameuser',
),
// session configuration

'session' => array(
'cookieMode' => 'allow',
'sessionTableName' => 'session',
'autoCreateSessionTable' => true,
'class' => 'system.web.CDbHttpSession',
'connectionID' => 'db',

'cookieParams' => array(
'path' => 'http://myipaddress/1_blog/runtime/', // the central server to store session
'httpOnly' => true,
),
),


I have added the methods getStateKeyPrefix and setState in my CWebUser file.

But still the dont see any session sharing working for me

Please any one have some idea on this ?

Thanks,
Shreyas
0

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users