Hi Oliver, no problem, maybe we should reconsider using daemon caching after all.
However the "clear" button is not useless, because the secret is not reset, when you log off. If you enter an incorrect secret, the secret group is in state "complete", but your ca is unusable. Anyway, if I'm "the last of my kind" regarding session caching you needn't put effort into that. Thanks for the quick response, Dirk -----Ursprüngliche Nachricht----- Von: Oliver Welter [mailto:[email protected]] Gesendet: Montag, 4. Dezember 2017 11:50 An: [email protected] Betreff: Re: [OpenXPKI-users] Secret group session error after update from 1.17 to 1.19 Hello Dirk, to be honest, you are the only one I know that uses cache-session and I must confess we did not test that :( I don't want to whitewash the bug but IMHO clear secret with cache session does not really make sense from a business view so I think we will fix the problem by removing the "clear" button. I will add a ticket to get the secret handling reworked for one of the next releases. best regards Oliver Am 01.12.2017 um 09:39 schrieb Dirk Heuvels: > Hi Oliver, > > I'm afraid there is another spot in Session::Data.pm where validation fails, > if "cache: session" is active for a secret group. > It occurs when you click on "[clear secret]" in the management dialog for a > secret that has been added previously. > > Best regards, > Dirk > > 2017/12/01 09:20:29 openxpki.system.ERROR:17722 The following parameter was > passed in the call to (eval) but was not listed in the validation options: > default > at /usr/share/perl5/MooseX/Params/Validate.pm line 67. > MooseX::Params::Validate::validated_hash(ARRAY(0x592c338), "group", > HASH(0x7afbd68), "MX_PARAMS_VALIDATE_NO_CACHE", 1) called at > /usr/lib/x86_64-linux-gnu/perl5/5.20/OpenXPKI/MooseParams.pm line 59 > eval {...} called at > /usr/lib/x86_64-linux-gnu/perl5/5.20/OpenXPKI/MooseParams.pm line 58 > OpenXPKI::MooseParams::named_args(ARRAY(0x592c338), "group", > HASH(0x7afbd68)) called at > /usr/lib/x86_64-linux-gnu/perl5/5.20/OpenXPKI/Server/Session/Data.pm line 216 > OpenXPKI::Server::Session::Data::clear_secret(undef, "default") > called at > /usr/lib/x86_64-linux-gnu/perl5/5.20/OpenXPKI/Crypto/TokenManager.pm line 422 > > OpenXPKI::Crypto::TokenManager::clear_secret_group(OpenXPKI::Crypto::TokenManager=HASH(0x6702720), > "default") called at > /usr/lib/x86_64-linux-gnu/perl5/5.20/OpenXPKI/Server/API/Secret.pm line 81 > > OpenXPKI::Server::API::Secret::clear_secret("OpenXPKI::Server::API::Se > cret", HASH(0x7b22f08)) called at > /usr/lib/x86_64-linux-gnu/perl5/5.20/OpenXPKI/Server/API.pm line 1801 > > > -----Ursprüngliche Nachricht----- > Von: Oliver Welter [mailto:[email protected]] > Gesendet: Donnerstag, 23. November 2017 16:55 > An: [email protected] > Betreff: Re: [OpenXPKI-users] Secret group session error after update > from 1.17 to 1.19 > > Hi Dirk, > > have a look at this Pull Request if you want to patch it by yourself > https://github.com/openxpki/openxpki/pull/594/files > > I will also create new packages (v.1.19.5) > > Oliver > > Am 21.11.2017 um 10:39 schrieb Dirk Heuvels: >> Hi everyone, >> >> I have been using OpenXPKI 1.17 on Debian Jessie as issuing CA and recently >> updated to 1.19.4. >> >> Since then my default secret group (realm.ca-one.crypto.secret.default) >> cannot be cached in the session anymore. >> >> The crucial setting in crypto.yaml: >> secret: >> default: >> label: Default secret group of this realm >> method: plain >> cache: daemon -> works vs. .. >> cache: session -> breaks >> >> openxpki.log says: >> 2017/11/21 09:50:50 openxpki.system.ERROR:32521 Mandatory parameter 'value' >> missing in call to (eval) >> at /usr/share/perl5/MooseX/Params/Validate.pm line 67. >> MooseX::Params::Validate::validated_hash(ARRAY(0x4eb27a0), "group", >> HASH(0x6fb38e0), "value", HASH(0x6fc8808), "MX_PARAMS_VALIDATE_NO_CACHE", 1) >> called at /usr/lib/x86_64-linux-gnu/perl5/5.20/OpenXPKI/MooseParams.pm line >> 59 >> eval {...} called at >> /usr/lib/x86_64-linux-gnu/perl5/5.20/OpenXPKI/MooseParams.pm line 58 >> OpenXPKI::MooseParams::named_args(ARRAY(0x4eb27a0), "group", >> HASH(0x6fb38e0), "value", HASH(0x6fc8808)) called at >> /usr/lib/x86_64-linux-gnu/perl5/5.20/OpenXPKI/Server/Session/Data.pm line 190 >> (..) >> >> I have noticed, that session handling has changed from 1.17 to 1.19 and have >> added "system.server.session.type: File", as advised by the warnings that >> come up otherwise. >> I also tried out the server.yaml that comes as default with 1.19 and that >> stores sessions in the database. This doesn't change the behavior either. >> >> Are there any other settings that must be set with the new session >> management or is this possibly a bug? >> >> Thanks in advance, >> Dirk >> >> --------------------------------------------------------------------- >> - >> -------- Check out the vibrant tech community on one of the world's >> most engaging tech sites, Slashdot.org! http://sdm.link/slashdot >> _______________________________________________ >> OpenXPKI-users mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/openxpki-users >> > > > -- > Protect your environment - close windows and adopt a penguin! > > ---------------------------------------------------------------------- > -------- Check out the vibrant tech community on one of the world's > most engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > OpenXPKI-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/openxpki-users > -- Protect your environment - close windows and adopt a penguin! ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users
