Homec4science
Diffusion invenio-infoscience 7bb3d3c1dea5

global: session 2.0
7bb3d3c1dea5
Actions

Authored by Tibor Simko <tibor.simko@cern.ch> on Jun 16 2015, 14:18.

Description

global: session 2.0

  • Upgrades session serialization to LZMA.
  • BETTER Implements session signing. This avoids cache request for invalid sessions and reduces the DDoS attack surface.
  • BETTER Removes IP address storage+checks. This avoids data privacy issues and enables users with multiple connections (e.g. WIFI+LTE, multiple WIFI connections on trains+stations) to stay signed in.
  • INCOMPATIBLE Drops all active sessions during upgrade. Might result in log entries about non-restorable sessions.

Signed-off-by: Tibor Simko <tibor.simko@cern.ch>

Details

Committed
Tibor Simko <tibor.simko@cern.ch>Jun 16 2015, 14:18
Parents
R3600:5eb290bb241a: global: invenio.css and invenio-ie7.css removal
Branches
Unknown
Tags
Unknown

Event Timeline

Tibor Simko <tibor.simko@cern.ch> committed R3600:7bb3d3c1dea5: global: session 2.0 (authored by Tibor Simko <tibor.simko@cern.ch>).Jun 16 2015, 14:18

Empty Commit

This commit is empty and does not affect any paths.
c4science ยท Help