This repository has been archived by the owner on Feb 15, 2024. It is now read-only.
Use native EZproxy support to terminate sessions #73
MISSING
Light editing has been applied to cover new flags, config file settings, etc., but a larger refresh is still needed to introduce native termination support alongside the existing fail2ban integration.
A few known TODO items:
doc.go file
CHANGELOG.md
README.md
docs/*.md doc files
BACKSTORY
Not long after giving a demo on using brick + fail2ban to timeout
existing sessions, I stumbled across another project on GitHub which
uses ezproxy kill to terminate an active user session:
Despite OCLC Support indicating otherwise, native support for
terminating user sessions was clearly available. This built-in support
offers a much safer/localized effect vs banning the IP associated
with a reported account; banning the IP has the potential to have a
much larger splash radius blocking legitimate user accounts.
The primary developer for the calvinm/ezproxy-abuse-checker project
confirmed that they learned of this support on the EZProxy mailing
list: calvinm/ezproxy-abuse-checker#1
This is encouraging, as I am (at least a little) optimistic that this
unpublished support will persist in future versions, at least until
official, fully documented and supported functionality for terminating
sessions is included.
IMPLEMENTATION
This commit adds (optional) support for terminating user sessions
using the official EZProxy binary already present on EZproxy servers.
The fully-qualified location of this binary is configurable via
command-line flag, environment variable or TOML-format configuration
file. Additional settings are provided to tune the sessions search
process such as configurable retries and search delay.
The session termination process involves reading current sessions from
the Active Users and Hosts "state" file that EZproxy uses to track
sessions and hosts managed by EZProxy and then using the EZproxy
binary to terminate each session via the kill subcommand.
As part of the early development efforts I initially tried to use the
latest Audit logs to pull session IDs, but quickly realized that while
the format was easier to parse, it was far less stable due to log
rotation and the need to resolve the active state ourselves (logins
minus logouts, minus timeouts, etc). Some of that support still
remains as of this commit, but may be removed in a future release if
found to not be needed. As of this writing I believe it can still be
used as part of interacting with a future endpoint.
The aforementioned search delay and retry settings are provided to
work around an observed race condition between EZproxy recording state
changes and other applications (such as ours) attempting to read the
current state. The delay in EZproxy writing the changes to disk (or
kernel settings?) may result in our application attempting to
terminate sessions related to a monitoring system report and not
finding them within the Active Users and Hosts "state" file.
The defaults attempt to strike a balance between waiting a little
longer in order to "find" and terminate those sessions vs moving on
with current findings. The defaults may need to be adjusted further
depending on the production environment.
TEAMS NOTIFICATIONS
Minor changes in an effort to better clarify the purpose of the lead-in
content:
step X of Y labeling to notification titles
to generate primary "summary" text: dedicated single purpose vs blend
of Note and Error field values as before
ADDITIONAL SUPPORT
During development, the necessary code to interact with EZProxy was
first created as a local package, but was eventually moved to a
separate module in order to break out the changes for separate use.
See the atc0005/go-ezproxy project for further information on that
module.
Two separate binaries were created during testing:
mock ezproxy binary which returns known return codes and results +
some extra to help condition validation checks for what I believe
will be unknown/unpublished return codes I've yet to encounter
es binary used to search for and optionally terminate active user
sessions for a specified username. This binary supports the same
search retry and delay settings as brick
REFERENCES
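An added example, not code from brick or go-ezproxy, sketching the flow the IMPLEMENTATION section describes in Go: look up a reported user's sessions with the configurable retry/delay to ride out the state-file race, then terminate each one through the EZproxy binary's kill subcommand. The state-file read is abstracted behind LookupFunc because its exact format is not described here, and the "<binary> kill <session-id>" invocation form is an assumption.

```go
package main

import (
	"fmt"
	"os/exec"
	"time"
)

// LookupFunc returns active session IDs for a username from the state file.
type LookupFunc func(username string) ([]string, error)
// KillFunc terminates one session by ID.
type KillFunc func(sessionID string) error

// EZproxyKill runs "<binaryPath> kill <session-id>" (assumed invocation form);
// a non-zero exit status from the binary is returned as the error.
func EZproxyKill(binaryPath string) KillFunc {
	return func(sessionID string) error {
		return exec.Command(binaryPath, "kill", sessionID).Run()
	}
}

// FindSessions retries the lookup with a delay so a fresh login that EZproxy
// has not yet written to the state file can still be found.
func FindSessions(username string, lookup LookupFunc, retries int, delay time.Duration) ([]string, error) {
	for attempt := 0; ; attempt++ {
		ids, err := lookup(username)
		if err != nil || len(ids) > 0 || attempt >= retries {
			return ids, err
		}
		time.Sleep(delay)
	}
}

// TerminateUser kills every session found for username; none found is an error.
func TerminateUser(username string, lookup LookupFunc, kill KillFunc, retries int, delay time.Duration) ([]string, error) {
	ids, err := FindSessions(username, lookup, retries, delay)
	if err == nil && len(ids) == 0 {
		err = fmt.Errorf("no active sessions found for %q", username)
	}
	if err != nil {
		return nil, err
	}
	for i, id := range ids {
		if err := kill(id); err != nil {
			return ids[:i], err // sessions before index i were already terminated
		}
	}
	return ids, nil
}
```

In production the lookup would parse the Active Users and Hosts file and kill would be EZproxyKill bound to the configured binary path; here both are injected so the retry logic can be exercised without a server.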