Unable to logout

Question

Unable to logout

Closed this issue 6 years ago · 4 comments

Hello, I was testing this library against my redfish server. While running the example, I encountered this error:

{'@odata.context': '/redfish/v1/$metadata#Session.Session',
'@odata.id': '/redfish/v1/SessionService/Sessions/m9hv9CudGZ',
'@odata.type': '#Session.v1_0_2.Session',
'Description': 'Manager User Session',
'Id': 'm9hv9CudGZ',
'Name': 'User Session',
'UserName': 'root'}
<redfish.rest.v1.RestResponse object at 0x7f0a83412a90>
200
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-UA-Compatible IE=11
X-Frame-Options DENY
X-XSS-Protection 1; mode=block
X-Content-Security-Policy default-src 'self'
Pragma no-cache
Cache-Control no-Store,no-Cache
Server iBMC
Date Wed, 23 May 2018 22:24:42 GMT
Content-Length 0
connection Keep-Alive

Traceback (most recent call last):
File "/home/user/example.py", line 44, in
REDFISH_OBJ.logout()
File "/home/user/python-redfish-library/src/redfish/rest/v1.py", line 882, in logout
session_loc = self.__session_location.replace(self.__base_url, '')
AttributeError: 'NoneType' object has no attribute 'replace'

What I can gather is: The http response object is not providing a location header
I'm able to create and delete sessions using curl (https://github.com/HewlettPackard/ilo-rest-api-docs/blob/master/source/includes/_ilo5_authentication.md)
If I try another auth method, such as "basic" there is no error.

I'm still debugging what exactly is happening inside http\client.py (HTTPSconnection).

Answer 1 · 2018-05-23T23:28:34.000Z

The service not returning a Location header with the session URI would be the most likely cause of this error (as you surmised). And from the output above, it indeed looks like the Location header is not being returned.

But I'm a little confused. You say that:

I'm able to create and delete sessions using curl

Where are you getting the URI to send the DELETE to via curl if the service isn't returning the Location header? Are you saying that the Location header is NOT returned when you create the session via python-redfish-library, but IS returned when you create the session via curl? Trying to a clearer picture of what is happening.

Answer 2 · 2018-05-25T15:46:58.000Z

Hello Bill, thanks for the quick response.

I was getting the session id using the @odata.id value, shown by curl. After a better inspection on the http headers I noticed curl responses also do not provide the location header.

The issue is within my redfish server is not providing the location in the http header (yet It could be calculated using the @odata.id) nothing is being lost from the side of python-redfish-library.

Answer 3 · 2018-05-25T16:28:15.000Z

Given the "shall" language in the Redfish specification, I'd be hesitant to add a fallback method to using the @odata.id property in the payload. If the service is not returning the Location header in the response to a successful POST, then the service is not conformant with the spec.

Answer 4 · 2018-05-31T21:35:26.000Z

Discussion on 5/31: No change will be taken since the service is not conforming with the Redfish spec. The recommendation is the service should be updated so that the Location header is returned on the POST operation.