[Koha-bugs] [Bug 36034] New: cas_ticket is set to serialized patron object in session
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Thu Feb 8 11:46:26 CET 2024
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36034
Bug ID: 36034
Summary: cas_ticket is set to serialized patron object in
session
Change sponsored?: ---
Product: Koha
Version: 23.05
Hardware: All
OS: All
Status: NEW
Severity: blocker
Priority: P5 - low
Component: Authentication
Assignee: koha-bugs at lists.koha-community.org
Reporter: andreas.jonsson at kreablo.se
QA Contact: testopia at bugs.koha-community.org
CC: dpavlin at rot13.org
The fix for bug 34893 alters the return value type of checkpw, but does not
adequately update the code everywhere where this is used. In particular, with
shibboleth enabled the cas_ticket is sent to a patron object which gets
serialized into the user session which quickly consumes a large amount of disk
space on a busy system.
--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
More information about the Koha-bugs
mailing list