[rt-users] RT 3.8.10 and users

Joshua Knarr knarrj at gsicommerce.com
Tue Jun 21 12:17:05 EDT 2011


OK now that I have a stable 3.8.10 life is easier.

Using a fresh browser and tcpdump we found that RT seems to be giving
out RT_SID_ cookies at inappropriate times.

LOG
GET / HTTP/1.1
User-Agent: curl/7.19.7 (universal-apple-darwin10.0) libcurl/7.19.7
OpenSSL/0.9.8l zlib/1.2.3
Host: gsiticket.gspt.net
Accept: */*
HTTP/1.1 200 OK
Date: Tue, 21 Jun 2011 16:10:08 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: RT_SID_gsiticket.80=badf8277bff46da285a9a4d9b7418d92; path=/
...
/LOG

The problem is that this RT_SID already exists for another user, which
is why this happens. If I fire up firebug in firefox and set this, I can
be basically anyone who is actively logged in. 

Ideas?

On Tue, 2011-06-21 at 11:23 -0400, Joshua Knarr wrote:

> OK I know the wiki isn't official - what's the official source for the
> mailing list archives?
> 
> On Tue, 2011-06-21 at 11:03 -0400, Kevin Falcone wrote: 
> 
> > On Tue, Jun 21, 2011 at 10:33:54AM -0400, Joshua Knarr wrote:
> > >    We have a very infrequent problem with RT 3.8.10 where users can sometimes get another users
> > >    session. I have not been able to reproduce this for my user account. Out of maybe 300 people
> > >    who look at RT every day, 2 of them have this problem.
> > > 
> > >    Anyone seen this before?
> > 
> > If you search the mailing list archives, this always seems to be a
> > proxy or mod_cache misbehaving
> > 
> > -kevin
> > --------
> > 2011 Training: http://bestpractical.com/services/training.html
> 
> 
> --------
> 2011 Training: http://bestpractical.com/services/training.html
> 
> 
> 

-- 
Joshua Knarr
Systems Engineer
GSI Commerce, Inc.  http://www.gsicommerce.com
E-Mail: knarrj at gsicommerce.com
Office: 610-491-7110
Mobile: 484-636-7371

The information contained in this electronic mail transmission is
intended only for the use of the individual or entity named in this
transmission. If you are not the intended recipient of this
transmission, you are hereby notified that any disclosure, copying or
distribution of the contents of this transmission is strictly prohibited
and that you should delete the contents of this transmission from your
system immediately. Any comments or statements contained in this
transmission do not necessarily reflect the views or position of GSI
Commerce, Inc. or its subsidiaries and/or affiliates.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20110621/ea93173f/attachment.htm>


More information about the rt-users mailing list