Frequent logouts and Session swap / hijack in JIRA

Vishal Gautam July 2, 2013

This problem has been resolved, adding it here if others encounter it ...

Poblem: Frequent logouts and sessions getting swapped (or hijacked) for some logged in users. When session swap / hijack happens you would see someone else's name as logged in user on top right and if you do not notice and create an issue or comment, it will go as the other user. Conversely, you may find an issue or comment created by your name but you didn't do it.

Environment: JIRA 6.0.x with Apache 2.2.15 as reverse proxy on CentOS 6.2

1 answer

1 accepted

4 votes
Answer accepted
Vishal Gautam July 2, 2013
CAUSE
We use Apache as reverse proxy (mod_proxy) for JIRA server as it handles ssl and talks to JIRA at port 8080 via ProxyPass. We were also using mod_cache's disk based caching for all urls. Use of mod_cache is known to create problem of session mix ups when Apache is used as reverse proxy with JIRA (see links below). Since Apache had been running possibly as long as the uptime of JIRA server which is 101 days, its cache got into a bad state as seen by errors in ssl_error_log file mentioned below, creating a situation where it started to either drop or mix up JSESSIONID cookie sent by JIRA to client. This results in logout of client or worse session mixups.

Error in ssl_error_log
[Thu Jun 06 23:02:05 2013] [error] (103)Software caused connection abort: cache: error returned while trying to return disk cached data
Links pointing to this problem
RESOLUTION

Restart of Apache itself fixed the issue, but for future following lines have been commented in /etc/httpd/conf/httpd.conf, which is also recommended configuration.

#<IfModule mod_disk_cache.c>
# CacheEnable disk /
# CacheRoot "/var/cache/mod_proxy"
#</IfModule>

Moriah Chandler
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
July 24, 2013

Won't this affect performance on the UI? We are having this issue (3 hi-jacks in the past 2 weeks) and the security risk it presents is a big deal at my company. But as the admin, I am very concerned about doing anything that may slow the app down. We are already having rendering issues frequently (probably because we are all on the latest dev Chrome).

Suggest an answer

Log in or Sign up to answer