Activating Wiki on a single host in fleet clears security cache for entire fleet

classic Classic list List threaded Threaded
6 messages Options
ktc
Reply | Threaded
Open this post in threaded view
|

Activating Wiki on a single host in fleet clears security cache for entire fleet

ktc
Hi, we noticed an issue during host activation where a single host being
activated would cause all hosts in the fleet to then clear their security
cache. Upon investigation, we discovered that this was due to a JGroups
message being sent for a DocumentUpdatedEvent. Here is a sample message
received by one of the hosts in the fleet:

Fri May 11 16:18:04 0995 GMT Wiki -@<host> [DEBUG] <null> (null) Received
JGroups remote event [event:
[org.xwiki.bridge.event.DocumentUpdatedEvent@16e3c8e3], source:
[{docversion=41.1, doclanguage=, origdocversion=41.1, origdoclanguage=,
docname=xwiki:XWiki.XWikiServerXwiki}], data: [{contextwiki=xwiki,
contextuser=XWiki.XWikiGuest}]], id: <id_here> timestamp: [Fri May 11
16:18:04 UTC 2018] air time: 22 ms RID=, SESSION=

From what we can tell, the initialization triggers the
XWikiServerXwikiDocumentInitializer's updateDocument() event. As expected,
this document update produces the DocumentUpdatedEvent shown above. When the
hosts receive this event through JGroups, it triggers [this condition in the
DefaultSecurityCacheRulesInvalidator](https://github.com/xwiki/xwiki-platform/blob/eb0354b7ac7730108751a137a4dbc80187cbaf37/xwiki-platform-core/xwiki-platform-security/xwiki-platform-security-bridge/src/main/java/org/xwiki/security/authorization/internal/DefaultSecurityCacheRulesInvalidatorListener.java#L220-L227),
which then proceeds to remove the 'xwiki' node from the security cache (and
everything else in the cache as well since they are all connected to that
node).

What is the purpose of this update document on initialization and is there
any way for us to avoid it? For example, we could perhaps override the
DefaultSecurityCacheRulesInvalidatorListener and comment out that condition
if there are no major repercussions. Thanks!



--
Sent from: http://xwiki.475771.n2.nabble.com/XWiki-Dev-f475773.html
Reply | Threaded
Open this post in threaded view
|

Re: Activating Wiki on a single host in fleet clears security cache for entire fleet

Denis Gervalle-2
Hi Ktc,

The unexpected behavior is the event sent by the XWikiServerXwikiDocumentInitializer. Upon starting a new node, there is no reason that the main wiki descriptor gets updated, and therefore no reason for an DocumentUpdatedEvent to be triggered. I hardly suggest trying to understand why such an update happens.

The purpose of cleaning the whole security cache when the main wiki descriptor is updated is simply to ensure that if this document update was updating the wiki owner, the new owner is taken into account. Since this owner receives admin right on the whole farm, all the information contained in the security cache could be invalid, hence the complete cleanup.

Please let us know if you find why the descriptor is updated.

--
Denis Gervalle
SOFTEC sa - CEO

On 11 May 2018, 18:44 +0200, ktc <[hidden email]>, wrote:
>
> XWikiServerXwikiDocumentInitializer's
ktc
Reply | Threaded
Open this post in threaded view
|

Re: Activating Wiki on a single host in fleet clears security cache for entire fleet

ktc
Hi Denis,

Thank you for your reply! We found out the reason is a document called
XWiki.XWikiServerXwiki whose title is empty. During the XWiki initialization
in 8.4.4 version(the version we use),  setDocumentFields
<https://github.com/xwiki/xwiki-platform/blob/stable-9.1.x/xwiki-platform-core/xwiki-platform-oldcore/src/main/java/com/xpn/xwiki/doc/AbstractMandatoryDocumentInitializer.java#L183-L186>  
will mark the document as needsUpdate if the title is blank(It only has
StringUtils.isBlank(document.getTitle()) in if statement for 8.4.4 version).
So it will then remove the security cache and cause the issue.

For the fix, we plan to add a title for XWiki.XWikiServerXwiki page, which
solved the issue in beta testing. Right now we didn't see any problem except
it will remove the security caches once more. Do you think it's safe doing
that? Thanks!



--
Sent from: http://xwiki.475771.n2.nabble.com/XWiki-Dev-f475773.html
Reply | Threaded
Open this post in threaded view
|

Re: Activating Wiki on a single host in fleet clears security cache for entire fleet

Thomas Mortagne
Administrator
On Thu, May 24, 2018 at 9:52 PM, ktc <[hidden email]> wrote:
> Hi Denis,
>
> Thank you for your reply! We found out the reason is a document called
> XWiki.XWikiServerXwiki whose title is empty. During the XWiki initialization

> in 8.4.4 version(the version we use),  setDocumentFields
> <https://github.com/xwiki/xwiki-platform/blob/stable-9.1.x/xwiki-platform-core/xwiki-platform-oldcore/src/main/java/com/xpn/xwiki/doc/AbstractMandatoryDocumentInitializer.java#L183-L186>

The right link is
https://github.com/xwiki/xwiki-platform/blob/xwiki-platform-8.4.4/xwiki-platform-core/xwiki-platform-oldcore/src/main/java/com/xpn/xwiki/internal/mandatory/AbstractMandatoryDocumentInitializer.java#L180.

The version you pointed out does not have the bug as you can see from
the first condition in the if (was fixed in 9.0RC1 it seems) ;)

> will mark the document as needsUpdate if the title is blank(It only has
> StringUtils.isBlank(document.getTitle()) in if statement for 8.4.4 version).
> So it will then remove the security cache and cause the issue.
>
> For the fix, we plan to add a title for XWiki.XWikiServerXwiki page, which
> solved the issue in beta testing. Right now we didn't see any problem except
> it will remove the security caches once more. Do you think it's safe doing
> that? Thanks!
>
>
>
> --
> Sent from: http://xwiki.475771.n2.nabble.com/XWiki-Dev-f475773.html



--
Thomas Mortagne
ktc
Reply | Threaded
Open this post in threaded view
|

Re: Activating Wiki on a single host in fleet clears security cache for entire fleet

ktc
Hi Thomas,

Thanks for the reply! Yes, the link you provided is the right one with the
bug we face. The thing is we may not be able to upgrade to a newer version
of XWiki recently, so we plan to add a title for XWikiServerXwiki page as
the workaround. Do you think it is safe? And do you have any specific idea
why an internal XWiki page exists without a title and how we can prevent
this from happening again? Thank you!



--
Sent from: http://xwiki.475771.n2.nabble.com/XWiki-Dev-f475773.html
Reply | Threaded
Open this post in threaded view
|

Re: Activating Wiki on a single host in fleet clears security cache for entire fleet

Thomas Mortagne
Administrator
On Fri, May 25, 2018 at 7:27 PM, ktc <[hidden email]> wrote:
> Hi Thomas,
>
> Thanks for the reply! Yes, the link you provided is the right one with the
> bug we face. The thing is we may not be able to upgrade to a newer version
> of XWiki recently, so we plan to add a title for XWikiServerXwiki page as
> the workaround. Do you think it is safe?

> And do you have any specific idea
> why an internal XWiki page exists without a title and how we can prevent
> this from happening again? Thank you!

Having an empty title field is something very common and it's
definitely not a bug. If you actually go to the XWikiServerXwiki page
you will notice that it does display a title, it's just that the title
come from the sheet which control how wiki descriptors are displayed.

The situation you are in is just a silly mistake in
AbstractMandatoryDocumentInitializer side because before
XWikiServerXwikiDocumentInitializer (8.0) there was no use case like
this (this was mostly introduced to generate classes). For some reason
it does not seems to be an issue for
http://www.xwiki.org/xwiki/bin/view/XWiki/XWikiServerXwiki?viewer=history
which is running on 8.4.4 too right now (not really sure why).

>
>
>
> --
> Sent from: http://xwiki.475771.n2.nabble.com/XWiki-Dev-f475773.html



--
Thomas Mortagne