[rt-users] Logout doesn't work?
Jesse
jesse at fsck.com
Tue Aug 22 03:04:16 EDT 2000
Huh. I've not run into something like that in recent memory. Is anyone
else seeing it?
-J
On Tue, Aug 22, 2000 at 03:02:35PM +0800, Michael J. Maravillo wrote:
> Hello Jesse,
>
> This was tested on both Netscape 4.75 and lynx 2.8.3. All cookie
> transfers are the same with either the "Send authentication info
> to all scripts on this server." option enable or not.
>
> The problem still is, when I login with the option enabled... do
> some queue transactions... then logout, I can login over and over
> again even if I issue an invalid username/password pair. I had
> to exit all occurences of the browser to work around the problem.
>
> I'm just wondering if I'm the only one experiencing this?
>
> TIA,
> Mike
>
> Enter RT site:
> http://www.domain.com/rt/webrt.cgi
> Cookies:
> RT_USERNAME=
>
> Enter username/password, click login:
> http://www.domain.com/rt/webrt.cgi?
> Cookies:
> RT_PASSWORD=xxxyyyzzzaaabbbccc
> RT_USERNAME=mike.maravillo
>
> Click logout:
> http://www.q-linux.com/rt/webrt.cgi?display=Logout
> Cookies:
> RT_PASSWORD=
> RT_USERNAME=
>
> On Mon, Aug 21, 2000 at 04:16:21PM -0400, Jesse wrote:
> > That really doesn't sound right. Can you turn on "notify me of cookies" and
> > start from a freshly loaded browser and tell us what it sets for cookies?
> >
> > On Tue, Aug 22, 2000 at 04:03:10AM +0800, Michael J. Maravillo wrote:
> > >
> > > I've just installed 1.0.4 and I'm not sure if the following is
> > > the intended behaviour: everytime I click on logout, be it on
> > > admin-webrt.cgi or webrt.cgi, then click on login again, I'm able
> > > to get in without typing any password.
> > >
> > > The very first time I've logged in, I had the button "Send
> > > authentication info to all scripts on this server." checked.
> > >
> > > I'd like to know if it's a bug (in the cookie management
> > > perhaps?) or just a misconfiguration issue.
>
>
> --
> .--. Michael J. Maravillo office://+63.2.894.3592/
> ( () ) Q Linux Solutions, Inc. http://www.q-linux.com/
> `--\\ Open Source Consultancy / Support / Training / Software Dev't.
>
--
jesse reed vincent --- root at eruditorum.org --- jesse at fsck.com
pgp keyprint: 50 41 9C 03 D0 BC BC C8 2C B9 77 26 6F E1 EB 91
-------------------------------------------------------------
And I'm told we do share some common rituals. Our "flame war" is apparently
held in person in their land and called "project meeting".
-Alan Cox [on "Suits"]
More information about the rt-users
mailing list