[rt-users] Logout doesn't work?
Michael J. Maravillo
mike.maravillo at q-linux.com
Tue Aug 22 03:02:35 EDT 2000
Hello Jesse,
This was tested on both Netscape 4.75 and lynx 2.8.3. All cookie
transfers are the same with either the "Send authentication info
to all scripts on this server." option enable or not.
The problem still is, when I login with the option enabled... do
some queue transactions... then logout, I can login over and over
again even if I issue an invalid username/password pair. I had
to exit all occurences of the browser to work around the problem.
I'm just wondering if I'm the only one experiencing this?
TIA,
Mike
Enter RT site:
http://www.domain.com/rt/webrt.cgi
Cookies:
RT_USERNAME=
Enter username/password, click login:
http://www.domain.com/rt/webrt.cgi?
Cookies:
RT_PASSWORD=xxxyyyzzzaaabbbccc
RT_USERNAME=mike.maravillo
Click logout:
http://www.q-linux.com/rt/webrt.cgi?display=Logout
Cookies:
RT_PASSWORD=
RT_USERNAME=
On Mon, Aug 21, 2000 at 04:16:21PM -0400, Jesse wrote:
> That really doesn't sound right. Can you turn on "notify me of cookies" and
> start from a freshly loaded browser and tell us what it sets for cookies?
>
> On Tue, Aug 22, 2000 at 04:03:10AM +0800, Michael J. Maravillo wrote:
> >
> > I've just installed 1.0.4 and I'm not sure if the following is
> > the intended behaviour: everytime I click on logout, be it on
> > admin-webrt.cgi or webrt.cgi, then click on login again, I'm able
> > to get in without typing any password.
> >
> > The very first time I've logged in, I had the button "Send
> > authentication info to all scripts on this server." checked.
> >
> > I'd like to know if it's a bug (in the cookie management
> > perhaps?) or just a misconfiguration issue.
--
.--. Michael J. Maravillo office://+63.2.894.3592/
( () ) Q Linux Solutions, Inc. http://www.q-linux.com/
`--\\ Open Source Consultancy / Support / Training / Software Dev't.
More information about the rt-users
mailing list