[rt-users] Re: user authentication not working with fcgi?

[acli@ada.dhs.org via news-to-mail gateway]

In article <15872.34792.89816.818631 at onceler.kciLink.com>,
Vivek Khera  <khera at kcilink.com> wrote:
>>>>>> "AL" == Ambrose Li <a.c.li at ieee.org> writes:
>
>AL> After I logged in from the local network, I tried to access
>AL> it off-site. To my surprise, the browser which is running
>AL> off-site shows that I am logged in. If I log off there, my
>
>My guess would be that whatever code generates the session key (ie,
>the cookie value) has become predictable and constant.  I don't know
>what that computation is, but it should include several elements such
>as the PID, time, and a PRNG value to be safe against guessing.

It seems that this is related to restarting the web server. After
restarting the web server, the first session will become the only
session.

If I delete everything in WebRT/sessiondata before restarting the
web server, it seems that different sessions are properly created.

Does any other FastCGI users experience the same problem? Or is it
only me?


-- 
Ambrose Li  <a.c.li at ieee.org>
http://ada.dhs.org/~acli/cmcc/  http://www.cccgt.org/

DRM is theft - We are the stakeholders