[rt-users] Persistent Sessions

Ole Craig ocraig at stillsecure.com
Mon Jun 12 12:10:45 EDT 2006


On Mon, 2006-06-12 at 17:46 +0200, Stefan Lesicnik wrote:
> Hi Guys,
> 
> I hope someone can help me.  I have two computers both running Gentoo
> Linux, PHP 5.1.2 / 5.1.4, perl 5.8.8, perl fcgi 0.67 and RT 3.4.5.
> 
> The one machine is using perl, the other using fastcgi. I am
> experiencing pretty much the same problem on both machines. I log into
> the system fine, and when I click on a menu option, i get returned to
> the login page. I have tried this both from Mozilla Firefox and IE.
> 
> The machine running fastcgi seems a lot better, and I only get returned
> to login when i click on the general queue and select a ticket in the
> queue. The other machine running perl returns me to the login page if i
> click anything.
[...]

Stefan -
        Sounds like maybe a cookie issue? I had a similar problem at one
point, which turned out to be a combination of 
      * the presence of a couple of firefox settings and 
      * the absence of anything like a mind on my part. 

(I'm hoping the latter condition was temporary. :-)

        Under the "privacy" tab of Firefox's preferences dialogue, I had
set "allow sites to set cookies...UNLESS I have removed cookies set by
the site." During a troubleshooting session, I had explicitly removed a
cookie set by RT (because I thought I was getting a cached login.)
Because I had explicitly removed a cookie set by my RT site, firefox
wasn't setting any more cookies from them. Thus, I would get this
behavior (my actions parenthesized):

     1. login page displayed
     2. (enter uname/pw)
     3. login to RT accepted, RT-at-a-glance page displayed
     4. (click on a ticket, say #1234)
     5. login page displayed
     6. (mutter, grumble, enter uname/pw)
     7. login to RT accepted, ticket #1234 displayed
     8. (click on basics)
     9. login page displayed
    10. (howl, curse, excessive keyboard abuse while entering uname/pw)
    11. login to RT accepted, basics for #1234 displayed
[ &etcetera ad frustratiam ]

        When I unset firefox's "unless I have removed cookies set by
this site" preference, the problem went away.
  
-- 
/Ole Craig
Security Engineer

303-381-3802 (main support hotline)
303-381-3824 (my direct line)
303-381-3801 (fax)

www.stillsecure.com
. . .



More information about the rt-users mailing list