[rt-users] unprivileged users need to log in twice

Kevin Falcone falcone at bestpractical.com
Wed Dec 9 15:00:39 EST 2009


On Wed, Dec 09, 2009 at 11:40:32AM -0800, David Griffith wrote:
> Go to http://foobar.com/rt and you see the RT login screen.  Login as an 
> unprivileged user (Alice).  The username and password field will blank 
> out.  Type in Alice's username and password again, and you'll be logged in 
> as Alice.  That's the first part of the bug.  

What happens at http://foobar.com/rt/ vs /rt
Also, what is your URL after the initial failed login?

> The second part is when you 
> type in the username-password the second time.  If at that point you 
> attempt to log in as a privileged user, you'll log in, but your 
> permissions are that of an unprivileged user.

This sounds like the initial login worked enough to get you redirected
to /rt/SelfService/ which would certainly make it appear that you're
an unprivileged user when you then log in as Bob (the privileged user)

-kevin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20091209/ee57b1cc/attachment.pgp>


More information about the rt-users mailing list