search

zowe / zlux

The top-level superproject for zLUX. zLUX includes the Zowe Desktop framework in addition to several built-in apps and an example server implementation.
Eclipse Public License 2.0
38 stars 42 forks source link

Issues with Zowe Desktop in High Availability mode #969

Closed skurnevich closed 5 months ago

skurnevich commented 1 year ago

Desktop through APIML login works fine, but Session Renewal Error appear occasionally, part of requests work fine, another return 401. That happens only when two HA instances are running at the same time, if we stop one - Desktop through APIML works fine as usual. Also “ZWED0302I - HA mode is disabled” message appears in logs.

Steps to Reproduce

  1. Configure Zowe for HA mode
  2. Start both instances at the same time
  3. Open Zowe Desktop through the gateway
  4. Try to use the Editor app / refresh page to check auth refresh work etc

Zowe 2.7.0, haven't tested on earlier versions but it also could be affected.

Found several issues, fixing those solves the symptoms, but it looks like we could use codebase review in that area.

components/app-server/share/zlux-server-framework/lib/util.js isHaMode function checks for env var ZWE_HA_INSTANCES_COUNT which does not exist

components/app-server/share/zlux-server-framework/plugins/sso-auth/lib/zssHandler.js Cookie name usage may be wrong (COOKIE_NAME_BASE + zssPort vs COOKIE_NAME_BASE + zoweInstanceId), COOKIE_NAME_BASE + zssPort works for both HA and non-HA, need to check usage of COOKIE_NAME_BASE + zoweInstanceId.

components/app-server/share/zlux-server-framework/plugins/sso-auth/lib/apimlHandler.js authenticate function has bug when checking for request.body, need to check if it is not an empty object (request.body && request.body.username)

1000TurquoisePogs commented 5 months ago

All of these were merged for v2.14.0