Bug #101059
open
Allow install tool sessions without shared file system
0%
Description
Fix the session storage for the install tool for systems with multiple web servers without a shared file system.
Our TYPO3 setup consist of multiple nodes without a shared file system. All instances have access to the same S3 storage, database and cache server. A load balancer passes http requests randomly to one of the nodes.
In this setup, the install tool components of the TYPO3 backend do not work. When requesting the "Maintenance" backend module, the user is first required to login. After a successful login, one of two things happens:
- The user sees the message: 'The install tool session expired. Please reload the backend and try again.'
- The user is required to login again
Both outcomes indicate that the user session is lost.
The session service of the install tool seems to be hardcoded to file system based sessions.
\TYPO3\CMS\Install\Service\SessionService::__construct
$sessionHandler = GeneralUtility::makeInstance(
FileSessionHandler::class,
Environment::getVarPath() . '/session',
$this->expireTimeInMinutes
);
Without a shared file system between multiple nodes (or stickiness on the LB), file system based sessions will not work.
Suggestion: Use the configured `DatabaseSessionBackend` not only for the regular backend user session, but also for the install tool. Alternatively: Add an extra setting to configure the install tool session backend separately from the other backend session backend.
Updated by Benni Mack 10 months ago
- Related to Bug #72074: FileLockStrategy fails on NFS folders added
Updated by Benni Mack 10 months ago
- Related to Bug #93878: TYPO3 uses flock() directly (hard-wired) for session locking added