Page MenuHomePhabricator
Create Task
Maniphest T243123

Login to at least en.wikipedia.beta.wmflabs.org and commons.wikimedia.beta.wmflabs.org sometimes fails with `There seems to be a problem with your login session`
Closed, ResolvedPublic
Actions

Assigned To
Eevans
Authored By
zeljkofilipin
Jan 18 2020, 1:45 PM
Tags
Referenced Files
F31625062: Snímek z 2020-02-21 05-44-20.png
Feb 21 2020, 4:45 AM
F31625063: Snímek z 2020-02-21 05-44-37.png
Feb 21 2020, 4:45 AM
F31625052: Snímek z 2020-02-21 05-37-33.png
Feb 21 2020, 4:39 AM
F31625053: Snímek z 2020-02-21 05-38-01.png
Feb 21 2020, 4:39 AM
F31619694: vagrant.png
Feb 17 2020, 5:34 PM
F31521009: betacommons.png
Jan 22 2020, 10:38 AM
F31517970: beta.png
Jan 20 2020, 10:42 AM
F31517967: beta.png
Jan 20 2020, 10:39 AM
View All 9 Files
Subscribers
Aklapper
awight
BPirkle
Cparle
CptViraj
Daimona
DannyS712
View All 26 Subscribers
Tokens
"Party Time" token, awarded by zeljkofilipin."Like" token, awarded by Cparle."Heartbreak" token, awarded by Kaartic."Heartbreak" token, awarded by WMDE-Fisch."Heartbreak" token, awarded by awight.

Description

On 2020-01-18 (build 525), selenium-daily-beta-MediaWiki (targeting https://en.wikipedia.beta.wmflabs.org) started failing with error message:

There seems to be a problem with your login session; this action has been canceled as a precaution against session hijacking. Please resubmit the form.

User-should-be-able-to-log-in-%40daily.png (888×1 px, 102 KB)

On 2020-01-20 (build 199), selenium-daily-betacommons-MediaWiki (targeting https://commons.wikimedia.beta.wmflabs.org) started failing too.

betacommons.png (888×1 px, 84 KB)

@Cparle and I have tried to log in to https://en.wikipedia.beta.wmflabs.org manually several times, and it works sometimes, sometimes we get the above error message.

Details

SubjectRepoBranchLines +/-
Configurable query and connect timeoutsmediawiki/services/kaskmaster+53 -6
Customize query in gerrit

Related Objects
Search...

Event Timeline

There are a very large number of changes, so older changes are hidden. Show Older Changes
zeljkofilipin renamed this task from selenium-daily-beta-MediaWiki fails with `There seems to be a problem with your login sesion` to Login to en.wikipedia.beta.wmflabs.org sometimes fails with `There seems to be a problem with your login sesion`.Jan 20 2020, 10:35 AM
zeljkofilipin updated the task description. (Show Details)
zeljkofilipin added a project: MediaWiki-User-login-and-signup.
zeljkofilipin added a project: Beta-Cluster-Infrastructure.Jan 20 2020, 10:37 AM
zeljkofilipin added a comment.Jan 20 2020, 10:39 AM

I'm not sure if it's related, but I just got The provided authentication token is either expired or invalid. error message after logging in.

beta.png (821×1 px, 228 KB)

zeljkofilipin added a comment.Jan 20 2020, 10:42 AM

I've tried to log in/out a few more times, and now I got: No active login attempt is in progress for your session.

beta.png (821×1 px, 222 KB)

zeljkofilipin added a project: MediaWiki-extensions-CentralAuth.Jan 20 2020, 10:43 AM
matthiasmullie subscribed.Jan 20 2020, 4:22 PM
In T243123#5816145, @zeljkofilipin wrote:

I'm not sure if it's related, but I just got The provided authentication token is either expired or invalid. error message after logging in.

+1 - also just ran into this one

zeljkofilipin removed zeljkofilipin as the assignee of this task.Jan 21 2020, 8:53 AM
zeljkofilipin updated the task description. (Show Details)Jan 22 2020, 10:38 AM
zeljkofilipin renamed this task from Login to en.wikipedia.beta.wmflabs.org sometimes fails with `There seems to be a problem with your login sesion` to Login to at least en.wikipedia.beta.wmflabs.org and commons.wikimedia.beta.wmflabs.org sometimes fails with `There seems to be a problem with your login sesion`.Jan 22 2020, 10:41 AM
zeljkofilipin updated the task description. (Show Details)
WMDE-Fisch subscribed.Jan 22 2020, 3:26 PM
WMDE-Fisch added a comment.Jan 22 2020, 3:30 PM
In T243123#5816145, @zeljkofilipin wrote:

I'm not sure if it's related, but I just got The provided authentication token is either expired or invalid. error message after logging in.

beta.png (821×1 px, 228 KB)

+1 selenium-daily-beta-TwoColConflict seems to fail due to that also since 2020-01-20. ( at least I get the errors when I try to reproduce the issue targeting the beta cluster )

https://integration.wikimedia.org/ci/job/selenium-daily-beta-TwoColConflict/114/

WMDE-Fisch mentioned this in T243266: Fix failing TwoColConflict selenium-daily.Jan 22 2020, 3:31 PM
eprodromou added subscribers: BPirkle, Eevans, eprodromou.Jan 22 2020, 4:42 PM

@BPirkle @Eevans is this related to session storage?

zeljkofilipin renamed this task from Login to at least en.wikipedia.beta.wmflabs.org and commons.wikimedia.beta.wmflabs.org sometimes fails with `There seems to be a problem with your login sesion` to Login to at least en.wikipedia.beta.wmflabs.org and commons.wikimedia.beta.wmflabs.org sometimes fails with `There seems to be a problem with your login session`.Jan 22 2020, 5:08 PM
WDoranWMF assigned this task to Eevans.Jan 22 2020, 5:25 PM
WDoranWMF added a project: Platform Team Workboards (Clinic Duty Team).
WDoranWMF moved this task from Inbox to Doing(WIP:5) on the Platform Team Workboards (Clinic Duty Team) board.
zeljkofilipin moved this task from Deep work 🌊 to Waiting 🏹 on the User-zeljkofilipin board.Jan 22 2020, 6:14 PM
Eevans lowered the priority of this task from Unbreak Now! to Medium.Jan 22 2020, 11:23 PM

It looks like Cassandra queries from Kask have been intermittently timing out. Both Kask and Cassandra are co-located on the same VM, and it is pretty resource constrained, but AFAIK it has been working OK to this point; We can probably begin with a restart and go from there

In the meantime, I'm going to use this as an opportunity to see if Kask can be made more resilient to these sorts of timeouts, and/or better report on them.

It seems to be working OK at the moment so I'm going to downgrade the priority. Feel free to bump it back up if something changes.

Eevans added a comment.Jan 23 2020, 1:01 AM

The default timeouts in the Cassandra Go driver, both Timeout and ConnectTimeout are 600ms. This seems quite low, by comparison the Java and NodeJS drivers both use 12s and 5s respectively. I propose we make these values configurable in Kask (with defaults of 12s and 5s).

zeljkofilipin moved this task from Waiting 🏹 to Deep work 🌊 on the User-zeljkofilipin board.Jan 23 2020, 9:19 AM
gerritbot added a comment.Jan 24 2020, 1:56 AM

Change 566912 had a related patch set uploaded (by Eevans; owner: Eevans):
[mediawiki/services/kask@master] Configurable query and connect timeouts

https://gerrit.wikimedia.org/r/566912

gerritbot added a project: Patch-For-Review.Jan 24 2020, 1:56 AM
gerritbot added a comment.Jan 24 2020, 9:54 PM

Change 566912 merged by jenkins-bot:
[mediawiki/services/kask@master] Configurable query and connect timeouts

https://gerrit.wikimedia.org/r/566912

Maintenance_bot removed a project: Patch-For-Review.Jan 24 2020, 10:11 PM
Eevans added a comment.Jan 24 2020, 10:27 PM

Kask has been updated with higher (default) Cassandra timeouts, and deployment-prep has been updated. I'm going to close this, feel free to re-open if this happens again.

Eevans closed this task as Resolved.Jan 24 2020, 10:28 PM
Eevans moved this task from Doing(WIP:5) to Done on the Platform Team Workboards (Clinic Duty Team) board.
Eevans mentioned this in rMSKS662f71ebf9bc: Configurable query and connect timeouts.Jan 25 2020, 2:07 AM
zeljkofilipin reopened this task as Open.Jan 27 2020, 9:13 PM

The job is failing again (535) with the same error message (png, mp4).

WMDE-Fisch added a comment.Jan 29 2020, 4:22 PM

Sooo this issue is still responsible for the Two-Column-Edit-Conflict-Merge daily selenium test failing every day for some time (125). The build artifacts are not very helpful, but when I run the tests from my local machine facing beta I still get a couple of login errors and lost sessions at random points during the test run. - Is anyone working on this or feels responsible at least?

Looking at the tests linked by @zeljkofilipin that do not fail every day, I could add that the Two-Column-Edit-Conflict-Merge tests create an additional account in the background that uses the MWBot to login and edit a page. The tests also need to login once for every spec to enable the beta feature of the extension.

zeljkofilipin moved this task from Deep work 🌊 to Waiting 🏹 on the User-zeljkofilipin board.Feb 5 2020, 2:37 PM
Ephemeralwaves subscribed.Feb 10 2020, 4:07 PM
awight awarded a token.Feb 13 2020, 9:27 AM
awight subscribed.
WMDE-Fisch awarded a token.Feb 13 2020, 9:27 AM
WMDE-Fisch mentioned this in T245125: Login to en.wikisource.beta.wmflabs.org always fails with session error.Feb 13 2020, 9:44 AM
Tarrow added subscribers: Jakob_WMDE, Tarrow.Feb 14 2020, 3:09 PM

With a successfully logged in users @Jakob_WMDE and I found that we were intermittently regularly getting CSRF token failures for just minted tokens that should have been valid. Sounds like it could be directly related to this (session storage) too.

Urbanecm merged a task: T245125: Login to en.wikisource.beta.wmflabs.org always fails with session error.Feb 17 2020, 8:29 AM
Urbanecm merged a task: T244951: Can't login on the beta cluster Commons.
Urbanecm added subscribers: Masumrezarock100, Urbanecm, Kaartic.
Daimona merged a task: T245386: Unable to create abuse filter on the beta cluster.Feb 17 2020, 12:13 PM
Daimona added a subscriber: DannyS712.
zeljkofilipin added a comment.Feb 17 2020, 5:34 PM

I just got the error message while trying to log in to a local mediawiki-vagrant mediawiki instance.

vagrant.png (821×1 px, 186 KB)

Daimona subscribed.Feb 17 2020, 5:47 PM

FWIW, this is not happening on a local, non-vagrant, MediaWiki installation, using the current MW core master.

Cparle added a comment.EditedFeb 18 2020, 10:21 AM

Not happening on my local vagrant either :/ At least not often enough that I've noticed

Eevans added a comment.Feb 18 2020, 2:37 PM

I don't think this is sessionstore, (at least, it's not the timeout issue with Cassandra that we saw before).

In T243123#5890758, @zeljkofilipin wrote:

I just got the error message while trying to log in to a local mediawiki-vagrant mediawiki instance.

vagrant.png (821×1 px, 186 KB)

Is mediawiki-vagrant even setup to use sessionstore for sessions?

zeljkofilipin added a comment.Feb 18 2020, 2:41 PM

@Eevans I don't know much about MediaWiki-Vagrant internals. I've been useing MediaWiki-Vagrant for years and I don't think I've ever seen that error. I've assumed it's the same problem, because the error message was the same. If nobody else has that problem, maybe it's something specific to my machine.

WMDE-Fisch added a comment.Feb 19 2020, 7:38 AM
In T243123#5893040, @zeljkofilipin wrote:

@Eevans I don't know much about MediaWiki-Vagrant internals. I've been useing MediaWiki-Vagrant for years and I don't think I've ever seen that error. I've assumed it's the same problem, because the error message was the same. If nobody else has that problem, maybe it's something specific to my machine.

Would probably good to know which roles you used on your local environment when this happened to you locally. It's probably an issue specific to a configuration.

zeljkofilipin added a comment.Feb 19 2020, 10:37 AM

I don't remember which roles I had enabled at the time, sorry. I've either had no roles, or minerva, or templatewizard, because that's what I've been working on yesterday. The error happened only once.

Eevans moved this task from Done to Inbox on the Platform Team Workboards (Clinic Duty Team) board.Feb 19 2020, 1:59 PM
Kaartic awarded a token.Feb 19 2020, 5:51 PM
Mholloway subscribed.Feb 20 2020, 9:10 PM
DannyS712 merged a task: T245799: Unable to login to en.wikisource.Feb 21 2020, 3:35 AM
DannyS712 added subscribers: Dvorapa, pywikibot-bugs-list.
Dvorapa added a comment.EditedFeb 21 2020, 3:46 AM

Pywikibot tests are failing due to this issue too. Since February 10, 2020 login to en.wikisource.beta.wmflabs.org fails all the time. The issue might be older and also might sometimes happen in production wikis, see T224712 for more details.

Dvorapa mentioned this in T224712: Attempt to login fails several times.Feb 21 2020, 3:55 AM
Dvorapa added a comment.EditedFeb 21 2020, 4:19 AM
In T243123#5885025, @Tarrow wrote:

With a successfully logged in users @Jakob_WMDE and I found that we were intermittently regularly getting CSRF token failures for just minted tokens that should have been valid. Sounds like it could be directly related to this (session storage) too.

I think this might have something to do with CSRF/login tokens

Dvorapa added a comment.Feb 21 2020, 4:25 AM
This comment was removed by Dvorapa.
Dvorapa added a comment.EditedFeb 21 2020, 4:39 AM

Is this correct? It doesn't seem so
en.wikipedia.beta.wmflabs.org

Snímek z 2020-02-21 05-44-20.png (743×1 px, 147 KB)

en.wikisource.beta.wmflabs.org
Snímek z 2020-02-21 05-44-37.png (743×1 px, 125 KB)

Dvorapa mentioned this in T243669: Travis fails on generate_family_file_tests.TestGenerateFamilyFiles.Feb 21 2020, 12:32 PM
CptViraj subscribed.Feb 24 2020, 7:47 AM
Lucas_Werkmeister_WMDE subscribed.Feb 24 2020, 3:57 PM
Eevans added a comment.Feb 24 2020, 4:13 PM

I believe this is pending https://gerrit.wikimedia.org/r/c/operations/mediawiki-config/+/574034 (T224712).

Cparle awarded a token.Feb 24 2020, 4:30 PM
Jdforrester-WMF subscribed.Feb 24 2020, 5:11 PM

https://gerrit.wikimedia.org/r/c/operations/mediawiki-config/+/574034 has now been deployed; is this still an issue?

Mholloway added a comment.Feb 24 2020, 5:12 PM

I think that did the trick. I just successfully logged out of Beta Commons.

Mholloway closed this task as Resolved.Feb 24 2020, 5:12 PM
Dvorapa added a comment.Feb 24 2020, 5:18 PM

Yes, Beta Wikisource login works again, either through API, or through web interface!

Kaartic added a comment.Feb 24 2020, 5:22 PM

Yeah, log in to Commons beta is possible using the Commons Android app (beta flavour). Thanks for fixing this 😄

Cparle added a comment.Feb 24 2020, 5:46 PM

+1 thanks @Eevans

Cparle added a subscriber: Pchelolo.Feb 24 2020, 5:50 PM

... and @Pchelolo and @Jdforrester-WMF !

zeljkofilipin awarded a token.Feb 25 2020, 10:49 AM
dom_walden mentioned this in T250986: Login to some beta wikis fail with "There seems to be a problem with your login session".Apr 24 2020, 7:01 AM
Soham subscribed.EditedJun 8 2020, 3:04 PM

I am still getting this issue but while running with Cypress, is this still an issue or does it have something to do with protocols since Selenium tests run fine?

Soham added a subtask: T249450: Getting Login Session Error when running tests with Cypress.Jun 8 2020, 3:20 PM
Soham mentioned this in T249450: Getting Login Session Error when running tests with Cypress.
zeljkofilipin removed a subtask: T249450: Getting Login Session Error when running tests with Cypress.Jun 8 2020, 5:58 PM
Pchelolo added a comment.Sep 2 2020, 7:05 PM

I think it's broken again, I can't login anywhere on the beta cluster...

Pchelolo added a comment.Sep 2 2020, 7:11 PM

never mind, fixed by restarting cassandra.

zeljkofilipin mentioned this in T263617: Cannot login to beta cluster: "There seems to be a problem with your login session...".Sep 23 2020, 8:25 AM
zeljkofilipin added a parent task: T270771: Keep selenium-daily-beta(commons)-MediaWiki Jenkins jobs green.Dec 23 2020, 3:26 PM
AMooney moved this task from Inbox to Done on the Platform Team Workboards (Clinic Duty Team) board.Mar 24 2021, 5:26 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits