[rt-users] Users randomly being logged in as other users

vmos pcbadger at gmail.com
Fri Nov 19 05:50:03 EST 2010


Well we upgraded from debian sarge to debian lenny so that included an apache
upgrade. I don't see mod_cache enabled on the new or the old server, do you
think that would help?


Jeff Voskamp wrote:
> 
> On 11/18/2010 04:31 AM, vmos wrote:
>> 
>> You're right, we went from 3.3 to 3.8.7. I think 2.4 was the nagios
>> version I
>> recently upgraded.
>> There's no proxy. I wouldn't have thought that cookies were being passed
>> about, the network is identical, it hasn't changed.
>> All we've changed is the server and version. All this server does is RT
>> 
>> 
>> Kevin Falcone-2 wrote:
>>>
>>> On Wed, Nov 17, 2010 at 06:07:22AM -0800, vmos wrote:
>>>>
>>>> Hello, we were running RT 2.4 and we decided to upgrade to 3.8. we
>>>> built
>>>> a
>>>> new server and instead of running it in-house, we moved it into our
>>>> data
>>>> centre.
>>>
>>> There was no RT release labeled 2.4, and you should be more specific
>>> about which release of 3.8.  3.8 covers releases of RT over more than
>>> 2.5 years.
>>>
>>> You haven't really provided helpful details (such as authorization and
>>> webserver configurations) so any speculating is guesswork.
>>>
>>> Usually this involves a proxy server or incorrect caching.
>>> You really need to sort out if there are cookies being passed from
>>> user to user or something else going on.
>>>
>>> -kevin
>>>
>>>> The we started getting a problem were you would click on a link in RT
>>>> or
>>>> refresh the page and suddenly you would be logged in as somebody else.
>>>> I asked about this and was told that it was down to some sort of NAT
>>>> issue
>>>> between here and our DC as we all appeared to be coming from the same
>>>> IP
>>>> address.
>>>> After trying and failing to get to the bottom of the NAT issue, we
>>>> decided
>>>> to move the server back in-house. It's now in the same rack, plugged in
>>>> to
>>>> the same switch as the old server (that NEVER had this issue)
>>>> That was two days ago and now we see the problem is still happening. 
>>>>
>>>> What's going on?
>>>> -- 
>>>> View this message in context:
>>>> http://old.nabble.com/Users-randomly-being-logged-in-as-other-users-tp30238345p30238345.html
>>>> Sent from the Request Tracker - User mailing list archive at
>>>> Nabble.com.
>>>>
>>>
>>>  
>>>
>> 
> I thought I recalled issues with mod_cache in apache and mixed sessions.
>  I don't recall if you mentioned any apache changes at the same time.
> 
> Jeff
> 
> 

-- 
View this message in context: http://old.nabble.com/Users-randomly-being-logged-in-as-other-users-tp30238345p30256452.html
Sent from the Request Tracker - User mailing list archive at Nabble.com.




More information about the rt-users mailing list