MDL-56417: ignore_timeout_hook is ignored in session/manager


    Details

    • Testing Instructions:

      When a session's lifetime is longer than $CFG->sessiontimeout, the session will be removed. The functionality of $authplugin->ignore_timeout_hook() is to prevent the session manager from unnecessarily removing SSO authenticated connections.

      Current behaviour

      To observe the current behaviour edit config.php and set $CFG->sessiontimeout = 15;
      Log in to Moodle with a manual account.
      Wait 15 seconds.
      Run php admin/tool/task/cli/schedule_task.php --execute='\core\task\session_cleanup_task'
      Query the database select * from mdl_sessions;.
      The task iterates over all sessions older than 15 seconds and removes them.

      Test new behaviour

      We have a test branch where it is possible to examine the behaviour of $authplugin->ignore_timeout_hook().
      git clone git@github.com:nhoobin/moodle.git
      git checkout MDL-56417-ignore_timeout_hook_test
      This should be on the latest Moodle weekly. Rebase if it is behind.
      git remote add upstream git@github.com:moodle/moodle.git
      git rebase upstream/master

      The 'tests' in this branch are in auth/manual and auth/email. The function ignore_timeout_hook() has been added to the auth.php files of both plugins and to test it is quite simple.
      To observe the new behaviour edit config.php and set $CFG->sessiontimeout = 15;
      Log in to Moodle with a manual account.
      Wait 15 seconds.
      Run php admin/tool/task/cli/schedule_task.php --execute='\core\task\session_cleanup_task'
      Query the database select * from mdl_sessions;.
      Your session still exists and you have not been logged out of Moodle.

    • Affected Branches:
      MOODLE_29_STABLE, MOODLE_30_STABLE, MOODLE_31_STABLE
    • Fixed Branches:
      MOODLE_30_STABLE, MOODLE_31_STABLE
    • Pull from Repository:
    • Pull Master Branch:
      MDL-56417_master

      Description

      If you are implementing an SSO auth plugin where session timeouts are ignored or imposed by the external system, then you are supposed to implement ignore_timeout_hook() in the auth plugin and return true;

      However this doesn't do anything and the sessions are still killed:

      https://github.com/moodle/moodle/blob/master/lib/classes/session/manager.php#L773-L776

      It would appear that this is a typo and "continue;" should be "continue 2"; to jump back to the outer loop.
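
The loop-control difference described above, as an added example that is not Moodle's code or part of the original report: a nested loop over timed-out sessions and auth plugins, where `continue;` only advances the inner loop and `continue 2;` advances the outer one. The interface, classes, function name, `$levels` switch and sample sessions are all hypothetical.

```php
<?php
// Added illustration, not Moodle's code; every name here is hypothetical.
interface auth_plugin {
    public function ignore_timeout_hook(array $session): bool;
}

// Stand-in for an SSO plugin whose session lifetime is set by the external system.
final class sso_plugin implements auth_plugin {
    public function ignore_timeout_hook(array $session): bool {
        return $session['auth'] === 'sso';
    }
}

// Stand-in for a plugin that keeps the default timeout behaviour.
final class manual_plugin implements auth_plugin {
    public function ignore_timeout_hook(array $session): bool {
        return false;
    }
}

// Returns the sids of timed-out sessions that the cleanup would remove.
// $levels = 1 models the reported "continue;", 2 models "continue 2;".
function sessions_to_kill(array $sessions, array $plugins, int $levels): array {
    $killed = [];
    foreach ($sessions as $session) {        // outer loop: timed-out sessions
        foreach ($plugins as $plugin) {      // inner loop: enabled auth plugins
            if ($plugin->ignore_timeout_hook($session)) {
                if ($levels === 2) {
                    continue 2;              // next session, skipping the kill below
                }
                continue;                    // next plugin only; the kill below still runs
            }
        }
        $killed[] = $session['sid'];
    }
    return $killed;
}

// Constructed sample data.
$sessions = [
    ['sid' => 'a1', 'auth' => 'manual'],
    ['sid' => 'b2', 'auth' => 'sso'],
];
$plugins = [new manual_plugin(), new sso_plugin()];

echo 'continue;   removes: ', implode(', ', sessions_to_kill($sessions, $plugins, 1)), PHP_EOL;
echo 'continue 2; removes: ', implode(', ', sessions_to_kill($sessions, $plugins, 2)), PHP_EOL;
```

With `continue;` both constructed sessions are listed for removal, including the one whose plugin returned true; with `continue 2;` only the manual session is.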

            People

            Assignee:
            nhoobin Nicholas Hoobin
            Reporter:
            brendanheywood Brendan Heywood
            Peer reviewer:
            David Monllaó
            Integrator:
            Andrew Nicols
            Tester:
            John Okely
            Participants:
            Component watchers:
            Adrian Greeve, Jake Dallimore, Mathew May, Mihail Geshoski, Peter Dias

              Dates

              Created:
              Updated:
              Resolved:
              Fix Release Date:
              14/Nov/16