SessionID is invalid!!! (550 Groups)

[sayaksicseg]

I can't login to OTRS system with my Agents when they have RW permission to more than 550 groups.

¿Does anybody knows why this happens? ¿Any idea how to fix this?


Thanks!

[crythias]

Session ID is invalid points to something that's not group related. I'd check tables.

[sayaksicseg]

Hi!

Thanks for your answer.

So, here is the thing:

I repair the SessionID!!! error, aparrently it was a problem with the IP.
otrs.log

[Wed May 21 19:34:51 2014][Notice][Kernel::System::AuthSession::DB::CheckSessionID] RemoteIP of '103b992f0fe287116dbca8831ce1ee43f7' () is different with the request IP (190.161.126.14). Don't grant access!!! Disable config 'SessionCheckRemoteIP' if you don't want this!

DB.pm

Code: Select all

    # remote ip check
    if (
        $Data{UserRemoteAddr} ne $RemoteAddr
        && $Self->{ConfigObject}->Get('SessionCheckRemoteIP')
        )
    {
        $Self->{LogObject}->Log(
            Priority => 'notice',
            Message  => "RemoteIP of '$Param{SessionID}' ($Data{UserRemoteAddr}) is "
                . "different with the request IP ($RemoteAddr). Don't grant access!!!"
                . " Disable config 'SessionCheckRemoteIP' if you don't want this!",
        );

        # delete session id if it isn't the same remote ip?
        if ( $Self->{ConfigObject}->Get('SessionDeleteIfNotRemoteID') ) {
            $Self->RemoveSessionID( SessionID => $Param{SessionID} );
        }
        return;
    }

Then I get the "Session has timed out. Please log in again." error. I checked the files in the server and they exists at C:/PROGRA~2/OTRS/OTRS/var/tmp/CacheFileStorable/CacheInternalUser/
otrs.log

[Wed May 21 20:09:32 2014][Error][Kernel::System::Main::FileRead][337] Can't open 'C:/PROGRA~2/OTRS/OTRS/var/tmp/CacheFileStorable/CacheInternalUser/2654e8fe7e7ed86b0c8ee31fbf7a86d8': Permission denied
[Wed May 21 20:09:33 2014][Notice][Kernel::System::AuthSession::DB::CheckSessionID] SessionID (10275f90ebc25fd38375a55fff6fd67795) too old (389088 h)! Don't grant access!!!

DB.pm

Code: Select all

# check session time
    my $MaxSessionTime = $Self->{ConfigObject}->Get('SessionMaxTime');
    if ( ( $TimeNow - $MaxSessionTime ) >= $Data{UserSessionStart} ) {
        $Self->{CheckSessionIDMessage} = 'Session has timed out. Please log in again.';
        my $Timeout = int( ( $TimeNow - $Data{UserSessionStart} ) / ( 60 * 60 ) );
        $Self->{LogObject}->Log(
            Priority => 'notice',
            Message  => "SessionID ($Param{SessionID}) too old ($Timeout h)! Don't grant access!!!",
        );

        # delete session id if too old?
        if ( $Self->{ConfigObject}->Get('SessionDeleteIfTimeToOld') ) {
            $Self->RemoveSessionID( SessionID => $Param{SessionID} );
        }
        return;

¿How do I get to this problem?

There are 728 Groups (each group is assigned to one Queue) and I need an Agent able to find any ticket in the system (admin). So I create a Role named "Total Access" and linked this Role to all the groups.

Then I linked the Role to an Agent (admin) and it works. But when I logged out I wasn't able to access.

I removed the Role from the Agent (using another Agent) and I was able to access. Then I started linking Groups to the Agent (directly, not using Roles), when I get to 550 Groups I wasnt able to access. I tried different combinations and always fail with 550 groups.

This problem only happens when I try to access having more than 550 groups linked to an agent. But during the session I have no problems, even if there are 728 group linked tho the Agent.



Thankss for your help!


slavko.cl