- Moderated by:
- Support
Core-Devs need your help: Login Problems
-
- rank:
-
Professional
- registered:
- September 2002
- Status:
- offline
- last visit:
- 19.11.08
- Posts:
- 879
http://noc.postnuke.com/tracker/index.php?func=detail&aid=15902&group_id=5&atid=101
We had several reports of login problems with .8 RC3. Please test your installations with as many browsers as possible. We have no clue at all, if this problem really exists and if it exists, what it is related to.
This is the last big bug before the final release! So if you want a quick final, put all your energy into this!
--
best regards from Kiel, sailing city
Steffen Voss
Member of the PostNuke Steering Committee
Read The Zikulan's Blog
-
- rank:
-
Helper
- registered:
- March 2005
- Status:
- offline
- last visit:
- 18.11.08
- Posts:
- 166
The only login problem I've been able to found is related to this topic: http://community.postnuke.com/module-Forum-viewtopic-topic-54177-start-15.htm
If you have the caching enabled, after some logout/login or wrong password, you won't be able to login again until the cache expires (I suppose).
I cannot see any problem without the caching system enabled...
Do we know if the two guys who reported the bug are using PN with or without the caching enabled?
-
- rank:
-
Team Member
- registered:
- September 2006
- Status:
- offline
- last visit:
- 04.12.08
- Posts:
- 1498
nope, the cache is disabled
currently i have two broken sites and Dave has others...
The problems seems related with the Cookies in some environments...
--
- Mateo T. -
Mis principios... son mis fines
-
- rank:
-
Team Member
- registered:
- September 2006
- Status:
- offline
- last visit:
- 04.12.08
- Posts:
- 1498
We are looking deep with Chris hildebrandt (slam) about this issue,
by now seems that some servers randomly gets the cookie duplication.
There's no error message, because the session is lost as consequence of the dummy cookie.
I've tested a lot and move some code on SessionUtil to try solutions, but no total luck. I still have a cookie with path "/" that overrides my good cookie that has the path "/PostNuke08/" (when my site is located in a subfolder called /PostNuke08)...
--
- Mateo T. -
Mis principios... son mis fines
-
- rank:
-
Team Member
- registered:
- December 2003
- Status:
- online
- Posts:
- 2992
Arthens
I cannot see any problem without the caching system enabled...
Do we know if the two guys who reported the bug are using PN with or without the caching enabled?
Well, I can reproduce the error on my server, without caching enabled. Chris, seems very knowledgeable about apache, and while my server is not perfect, it seems adequate.. with no fatal problems. I am not the only one with the issue, of course, but I have many relationships within the PN community so, my server has become the primary focus of the investigation, as it is accessible. But the issue is 'reproducible' and demonstrable, and severe.
I guess since there is a bug report, and it is documented in the forums, we do not really have an idea of how wide spread the issue is.
I will try to contact those who have had login issues, and see if we can gather more data.
If anyone is having this issue, please let us know.
--
David Pahl
Zikula Support Team
-
- rank:
-
Helper
- registered:
- March 2005
- Status:
- offline
- last visit:
- 18.11.08
- Posts:
- 166
AmmoDump
Well, I can reproduce the error on my server
Well, How?
I mean... is the issue evident or you have to do something particular for reproduce it?
I'd like to reproduce it too for trying to help.
-
- rank:
-
Team Member
- registered:
- December 2003
- Status:
- online
- Posts:
- 2992
What we got:
I newer SVN (but I first had issues with pre-RC3 SVNs)
A subdomain which contains the PN install.
A cookie is produced for the for the subdomain (expected) and the root domain (not expected). The subdomain cookie is good, as long as not logged out.
Upon trying to login for a second time, we get an auth failure, due to the root cookie.
If the root cookie is deleted, login will pass.
But the root cookie is created again.
This happens on very different versions of apache/php/mysql.
There is some speculation as to why(ish)... but nothing we can confirm.
--
David Pahl
Zikula Support Team
-
- rank:
-
Helper
- registered:
- July 2002
- Status:
- offline
- last visit:
- 07.09.08
- Posts:
- 245
Here is a sample request/response that eventually fails. Comments follow in next post:
Code
=== www.fjeldgruppen.dk ===
GET / HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-silverlight, */*
Accept-Language: da
UA-CPU: x86
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)
Host: www.fjeldgruppen.dk
Proxy-Connection: Keep-Alive
-------------------------------------------
HTTP/1.1 200 OK
Date: Thu, 27 Mar 2008 06:34:52 GMT
Server: Apache/1.3.37 (Unix) FrontPage/5.0.2.2635 PHP/4.4.8
X-Powered-By: PHP/4.4.8
Set-Cookie: POSTNUKESID=f52ea0591ec76826470dd41bad0ae8a9; expires=Sun, 30 Mar 2008 06:34:52 GMT; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: POSTNUKESID=2782817bbf0c617c0d82f105e2342606; expires=Sun, 30 Mar 2008 06:34:52 GMT; path=/
Transfer-Encoding: chunked
Content-Type: text/html
-------------------------------------------
GET /index.php?module=Users%20Manager&func=loginscreen HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-silverlight, */*
Accept-Language: da
UA-CPU: x86
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)
Host: www.fjeldgruppen.dk
Proxy-Connection: Keep-Alive
Cookie: POSTNUKESID=2782817bbf0c617c0d82f105e2342606;
-------------------------------------------
POST /index.php?module=Users%20Manager&func=login HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-silverlight, */*
Referer: http://www.fjeldgruppen.dk/index.php?module=Users%20Manager&func=loginscreen
Accept-Language: da
Content-Type: application/x-www-form-urlencoded
UA-CPU: x86
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)
Proxy-Connection: Keep-Alive
Content-Length: 118
Host: www.fjeldgruppen.dk
Pragma: no-cache
Cookie: POSTNUKESID=2782817bbf0c617c0d82f105e2342606;
*** Login OK
=== fjeldgruppen.dk ===
GET /index.php HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-silverlight, */*
Accept-Language: da
UA-CPU: x86
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)
Host: fjeldgruppen.dk
Proxy-Connection: Keep-Alive
-------------------------------------------
HTTP/1.1 200 OK
Date: Thu, 27 Mar 2008 06:38:27 GMT
Server: Apache/1.3.37 (Unix) FrontPage/5.0.2.2635 PHP/4.4.8
X-Powered-By: PHP/4.4.8
Set-Cookie: POSTNUKESID=9f38ce4cbdb137a034605d8929deb3aa; expires=Sun, 30 Mar 2008 06:38:27 GMT; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: POSTNUKESID=e3627d49925bf3da65f2269067908613; expires=Sun, 30 Mar 2008 06:38:27 GMT; path=/
Transfer-Encoding: chunked
Content-Type: text/html
-------------------------------------------
GET /index.php?module=Users%20Manager&func=loginscreen HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-silverlight, */*
Accept-Language: da
UA-CPU: x86
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)
Host: fjeldgruppen.dk
Proxy-Connection: Keep-Alive
Cookie: POSTNUKESID=e3627d49925bf3da65f2269067908613
-------------------------------------------
HTTP/1.1 200 OK
Date: Thu, 27 Mar 2008 06:40:30 GMT
Server: Apache/1.3.37 (Unix) FrontPage/5.0.2.2635 PHP/4.4.8
X-Powered-By: PHP/4.4.8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Transfer-Encoding: chunked
Content-Type: text/html
-------------------------------------------
POST /index.php?module=Users%20Manager&func=login HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-silverlight, */*
Referer: http://fjeldgruppen.dk/index.php?module=Users%20Manager&func=loginscreen
Accept-Language: da
Content-Type: application/x-www-form-urlencoded
UA-CPU: x86
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)
Proxy-Connection: Keep-Alive
Content-Length: 114
Host: fjeldgruppen.dk
Pragma: no-cache
Cookie: POSTNUKESID=e3627d49925bf3da65f2269067908613
-------------------------------------------
HTTP/1.1 302 Found
Date: Thu, 27 Mar 2008 06:41:56 GMT
Server: Apache/1.3.37 (Unix) FrontPage/5.0.2.2635 PHP/4.4.8
X-Powered-By: PHP/4.4.8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: POSTNUKESID=08591407e479d8d09322cd26405b9673; expires=Sun, 30 Mar 2008 06:41:57 GMT; path=/
Location: http://fjeldgruppen.dk/
Transfer-Encoding: chunked
Content-Type: text/html
*** Login OK
=== www.fjeldgruppen.dk ===
GET /index.php?module=Users%20Manager&func=loginscreen HTTP/1.1
Accept: */*
Referer: http://www.fjeldgruppen.dk/index.php?module=Users%20Manager
Accept-Language: da
UA-CPU: x86
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)
Proxy-Connection: Keep-Alive
Host: www.fjeldgruppen.dk
Pragma: no-cache
Cookie: POSTNUKESID=08591407e479d8d09322cd26405b9673; POSTNUKESID=29201419679d0593689a94ee1884f8d8
-------------------------------------------
HTTP/1.1 200 OK
Date: Thu, 27 Mar 2008 06:43:45 GMT
Server: Apache/1.3.37 (Unix) FrontPage/5.0.2.2635 PHP/4.4.8
X-Powered-By: PHP/4.4.8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: POSTNUKESID=94bc4d9659708b7d2d43ebf1561fe7ab; expires=Sun, 30 Mar 2008 06:43:46 GMT; path=/
Transfer-Encoding: chunked
Content-Type: text/html
-------------------------------------------
POST /index.php?module=Users%20Manager&func=login HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-silverlight, */*
Referer: http://www.fjeldgruppen.dk/index.php?module=Users%20Manager&func=loginscreen
Accept-Language: da
Content-Type: application/x-www-form-urlencoded
UA-CPU: x86
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)
Proxy-Connection: Keep-Alive
Content-Length: 156
Host: www.fjeldgruppen.dk
Pragma: no-cache
Cookie: POSTNUKESID=08591407e479d8d09322cd26405b9673; POSTNUKESID=94bc4d9659708b7d2d43ebf1561fe7ab
-------------------------------------------
HTTP/1.1 302 Found
Date: Thu, 27 Mar 2008 06:44:58 GMT
Server: Apache/1.3.37 (Unix) FrontPage/5.0.2.2635 PHP/4.4.8
X-Powered-By: PHP/4.4.8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: POSTNUKESID=6b9cd5a23024a5befa7a68bde5a55ff6; expires=Sun, 30 Mar 2008 06:44:58 GMT; path=/
Location: http://www.fjeldgruppen.dk/index.php?module=Users%20Manager&func=loginscreen
Transfer-Encoding: chunked
Content-Type: text/html
*** Login FAILED
POST /index.php?module=Users%20Manager&func=login HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-silverlight, */*
Referer: http://www.fjeldgruppen.dk/index.php?module=Users%20Manager&func=loginscreen
Accept-Language: da
Content-Type: application/x-www-form-urlencoded
UA-CPU: x86
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)
Proxy-Connection: Keep-Alive
Content-Length: 177
Host: www.fjeldgruppen.dk
Pragma: no-cache
Cookie: POSTNUKESID=08591407e479d8d09322cd26405b9673; POSTNUKESID=bd9e67ff8d065ca9111a72c0c730e551
-------------------------------------------
HTTP/1.1 302 Found
Date: Thu, 27 Mar 2008 06:46:28 GMT
Server: Apache/1.3.37 (Unix) FrontPage/5.0.2.2635 PHP/4.4.8
X-Powered-By: PHP/4.4.8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: POSTNUKESID=0322d595274ed40b364a86207b27f1df; expires=Sun, 30 Mar 2008 06:46:28 GMT; path=/
Location: http://www.fjeldgruppen.dk/index.php?module=Users%20Manager&func=loginscreen
Transfer-Encoding: chunked
Content-Type: text/html
*** Login FAILED again
-
- rank:
-
Helper
- registered:
- July 2002
- Status:
- offline
- last visit:
- 07.09.08
- Posts:
- 245
This is what happens:
1) I open www.fjeldgruppen.dk and get one POSTNUKESID cookie issued. Login works.
2) I open fjeldgruppen.dk and get a new POSTNUKESID cookie issued. Login works.
3) Back to www.fjeldgruppen.dk where I now POST TWO POSTNUKESID cookies (one for each domain). Login FAILS.
So apparently either PHP og PostNuke chokes on the fact that there are two POSTNUKESID cookies.
Maybe a solution would be to postfix POSTNUKESID with the sub-domoain? Then the session cookie names would be "POSTNUKESID" and "POSTNUKESID-www".
-
- rank:
-
Helper
- registered:
- July 2002
- Status:
- offline
- last visit:
- 07.09.08
- Posts:
- 245
I cannot always repeat this. I assume this is because the sequece of the two POSTNUKESID cookies changes - sometimes the correct one comes first, some times it does not. But I am not sure about this.
-
- rank:
-
Software Foundation
- registered:
- December 1969
- Status:
- offline
- last visit:
- 15.11.08
- Posts:
- 4481
can you redirect all requests to the 'www' subdomain for testing purposes?
a simple .htaccess will do the job:
Quote
# rewrite to www
RewriteCond %{HTTP_HOST} !^www\.fjeldgruppen.\.dk$
RewriteRule ^(.*)$ http://www.fjeldgruppen.dk/ [L,R=301]
--
regards from germany
..::[Zikula Application Framework]::.. ..::[SEO-Blog]::.. ..::[CMS Sicherheit]::..
-
- rank:
-
Helper
- registered:
- July 2002
- Status:
- offline
- last visit:
- 07.09.08
- Posts:
- 245
Lars: now I am not able to use fjeldgruppen.dk due to the redirect which always lands me on www.fjeldgruppen.dk. I assume this is what you wanted.
The result is that I never get a cookie for fjeldgruppen.dk (without www.) - and now it works, I am unable to reproduce the error, and I never send more than one cookie.
So this "works for me" - but it does not solve the issue when you have multiple websites on multiple sub-domains.
|
