Session encoding corruption
Concerned version
Version: 1.9.22-1.el7 and 2.0.15.1-1.el8
Platform: httpd (Apache)
Summary
After a while, sessions containing UTF-8 characters get double encoded.
Logs
I can't tell exactly when the corruption happens. If I delete the session from the manager, a new connection recreates the session correctly, after a while, accentuated characters become garbled again.
Backends used
Auth mode is User/Pass, with LDAP user backend, session and appconfig are also stored in LDAP using globalStorage
ini:
all:
globalStorage: Apache::Session::Browseable::LDAP
globalStorageOptions: |-
{ \
'type' => 'LDAP', \
'ldapServer' => 'ldap+tls://{{ ldap_host }}', \
'ldapConfBase' => 'ou=sessions,ou=lemonldap,ou=appconfig,dc=liege,dc=be', \
'ldapBindDN' => 'cn=lemonldap-{{ inventory_hostname }},ou=technical,ou=people,dc=liege,dc=be', \
'ldapBindPassword' => '{{ lemonldap_ldap_password }}', \
'ldapObjectClass' => 'applicationProcess', \
'ldapAttributeId' => 'cn', \
'ldapAttributeContent' => 'description', \
'ldapAttributeIndex' => 'ou', \
'Index' => '_whatToTrace _session_kind _assert_id' \
}
configuration:
type: LDAP
ldapServer: ldap+tls://{{ ldap_host }}
ldapConfBase: ou=config,ou=lemonldap,ou=appconfig,dc=liege,dc=be
ldapBindDN: cn=lemonldap-{{ inventory_hostname }},ou=technical,ou=people,dc=liege,dc=be
ldapBindPassword: "{{ lemonldap_ldap_password }}"
ldapObjectClass: applicationProcess
ldapAttributeId: cn
ldapAttributeContent: description
localStorageOptions: |-
{ \
'namespace' => 'lemonldap-ng-config', \
'default_expires_in' => 600, \
'directory_umask' => '007', \
'cache_root' => '/var/cache/lemonldap-ng', \
'cache_depth' => 3, \
}
Possible fixes
We are writing a script that detects and removes sessions in the LDAP server. That's only a band aid though.