diff --git a/hub/kojixmlrpc.py b/hub/kojixmlrpc.py index e74138ad..746b5b20 100644 --- a/hub/kojixmlrpc.py +++ b/hub/kojixmlrpc.py @@ -19,7 +19,6 @@ # Mike McLean import datetime -import email import inspect import logging import os @@ -814,12 +813,6 @@ def application(environ, start_response): ('Content-Length', str(len(response))), ('Content-Type', "text/xml"), ] - if hasattr(context, 'session') and context.session.logged_in: - headers += [ - ('Koji-Session-Id', str(context.session.id)), - ('Koji-Session-Key', str(context.session.key)), - ('Koji-Session-Callnum', str(context.session.callnum)), - ] start_response('200 OK', headers) if h.traceback: # rollback diff --git a/koji/auth.py b/koji/auth.py index cb2cc490..d97221ca 100644 --- a/koji/auth.py +++ b/koji/auth.py @@ -79,6 +79,7 @@ class Session(object): self._groups = None self._host_id = '' environ = getattr(context, 'environ', {}) + args = environ.get('QUERY_STRING', '') # prefer new header-based sessions if 'HTTP_KOJI_SESSION_ID' in environ: id = int(environ['HTTP_KOJI_SESSION_ID']) @@ -90,9 +91,8 @@ class Session(object): elif not context.opts['DisableURLSessions'] and args is not None: # old deprecated method with session values in query string # Option will be turned off by default in future release and removed later - args = environ.get('QUERY_STRING', '') if not args: - self.message = 'nor session header nor session args' + self.message = 'no session header or session args' return args = urllib.parse.parse_qs(args, strict_parsing=True) try: @@ -511,12 +511,6 @@ class Session(object): insert.execute() context.cnx.commit() - # update it here, so it can be propagated to the headers in kojixmlrpc.py - context.session.id = session_id - context.session.key = key - context.session.logged_in = True - context.session.callnum = 0 - # return session info return { 'session-id': session_id,