Zikula Community

• kaffeeringe.de
  
  

  • Rank: Professional
  • Registered: 03.09.02
  • last visit: 12.02.10
  • Posts: 902

  Posted: 25.03.2008, 15:40

  http://noc.postnuke.com/tracker/index.php?func=detail&aid=15902&group_id=5&atid=101
  We had several reports of login problems with .8 RC3. Please test your installations with as many browsers as possible. We have no clue at all, if this problem really exists and if it exists, what it is related to.
  This is the last big bug before the final release! So if you want a quick final, put all your energy into this!
  
  --
  best regards from Kiel, sailing city
  
  Steffen Voss
  
  Member of the Zikula Steering Committee
  Read The Zikulan's Blog "If you want people to RTFM, make a better FM!"

  • 
  •  
• Arthens
  
  

  • Rank: Helper
  • Registered: 29.03.05
  • last visit: 13.03.10
  • Posts: 226

  Posted: 25.03.2008, 16:24

  The only login problem I've been able to found is related to this topic: http://community.postnuke.com/module-Forum-viewtopic-topic-54177-start-15.htm
  If you have the caching enabled, after some logout/login or wrong password, you won't be able to login again until the cache expires (I suppose).
  
  I cannot see any problem without the caching system enabled...
  Do we know if the two guys who reported the bug are using PN with or without the caching enabled?
  
  --
  Zikula Italia
  SimpleGallery

  • 
  •  
• nestormateo
  
  

  • Rank: Team Member
  • Registered: 06.09.06
  • last visit: 02.03.10
  • Posts: 2140

  Posted: 25.03.2008, 16:56

  nope, the cache is disabled
  currently i have two broken sites and Dave has others...
  
  The problems seems related with the Cookies in some environments...
  
  --
  - Mateo T. -
  Mis principios... son mis fines

  • 
  •  
• Arthens
  
  

  • Rank: Helper
  • Registered: 29.03.05
  • last visit: 13.03.10
  • Posts: 226

  Posted: 25.03.2008, 17:06

  Is it possibile to know more or less the server configuration?
  
  Are you able to reproduce the error?
  
  Do you get any error? What?
  
  
  
  edited by: Arthens, Mar 25, 2008 - 06:10 PM
  
  --
  Zikula Italia
  SimpleGallery

  • 
  •  
• nestormateo
  
  

  • Rank: Team Member
  • Registered: 06.09.06
  • last visit: 02.03.10
  • Posts: 2140

  Posted: 25.03.2008, 18:21

  We are looking deep with Chris hildebrandt (slam) about this issue,
  by now seems that some servers randomly gets the cookie duplication.
  
  There's no error message, because the session is lost as consequence of the dummy cookie.
  I've tested a lot and move some code on SessionUtil to try solutions, but no total luck. I still have a cookie with path "/" that overrides my good cookie that has the path "/PostNuke08/" (when my site is located in a subfolder called /PostNuke08)...
  
  --
  - Mateo T. -
  Mis principios... son mis fines

  • 
  •  
• AmmoDump
  
  

  • Rank: Team Member
  • Registered: 07.12.03
  • last visit: 06.02.10
  • Posts: 2701

  Posted: 26.03.2008, 01:52

  Arthens

  I cannot see any problem without the caching system enabled...
  Do we know if the two guys who reported the bug are using PN with or without the caching enabled?

  
  
  Well, I can reproduce the error on my server, without caching enabled. Chris, seems very knowledgeable about apache, and while my server is not perfect, it seems adequate.. with no fatal problems. I am not the only one with the issue, of course, but I have many relationships within the PN community so, my server has become the primary focus of the investigation, as it is accessible. But the issue is 'reproducible' and demonstrable, and severe.
  
  I guess since there is a bug report, and it is documented in the forums, we do not really have an idea of how wide spread the issue is.
  
  I will try to contact those who have had login issues, and see if we can gather more data.
  
  If anyone is having this issue, please let us know.
  
  
  
  --
  David Pahl
  Zikula Support Team

  • 
  •  
• JørnWildt
  
  

  • Rank: Helper
  • Registered: 02.07.02
  • last visit: 21.10.09
  • Posts: 240

  Posted: 26.03.2008, 13:42

  David, can you give me access to your server, so that I may try it out and see if I can figure out something? Please mail me: jw at fjeldgruppen dot dk

  • 
  •  
• Arthens
  
  

  • Rank: Helper
  • Registered: 29.03.05
  • last visit: 13.03.10
  • Posts: 226

  Posted: 26.03.2008, 14:11

  AmmoDump

  Well, I can reproduce the error on my server

  
  
  Well, How?
  
  I mean... is the issue evident or you have to do something particular for reproduce it?
  I'd like to reproduce it too for trying to help.
  
  --
  Zikula Italia
  SimpleGallery

  • 
  •  
• AmmoDump
  
  

  • Rank: Team Member
  • Registered: 07.12.03
  • last visit: 06.02.10
  • Posts: 2701

  Posted: 26.03.2008, 18:00

  What we got:
  
  I newer SVN (but I first had issues with pre-RC3 SVNs)
  A subdomain which contains the PN install.
  A cookie is produced for the for the subdomain (expected) and the root domain (not expected). The subdomain cookie is good, as long as not logged out.
  Upon trying to login for a second time, we get an auth failure, due to the root cookie.
  If the root cookie is deleted, login will pass.
  But the root cookie is created again.
  
  This happens on very different versions of apache/php/mysql.
  
  There is some speculation as to why(ish)... but nothing we can confirm.
  
  
  
  --
  David Pahl
  Zikula Support Team

  • 
  •  
• Arthens
  
  

  • Rank: Helper
  • Registered: 29.03.05
  • last visit: 13.03.10
  • Posts: 226

  Posted: 26.03.2008, 20:53

  I don't know if it could be related, but everytime I login and logout... I have a cookie created, but never deleted.
  After nine login and logout I have nine cookies.
  
  --
  Zikula Italia
  SimpleGallery

  • 
  •  
• JørnWildt
  
  

  • Rank: Helper
  • Registered: 02.07.02
  • last visit: 21.10.09
  • Posts: 240

  Posted: 27.03.2008, 08:07

  Here is a sample request/response that eventually fails. Comments follow in next post:
  
  

  Code

  === www.fjeldgruppen.dk ===
  
  GET / HTTP/1.1
  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-silverlight, */*
  Accept-Language: da
  UA-CPU: x86
  Accept-Encoding: gzip, deflate
  User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)
  Host: www.fjeldgruppen.dk
  Proxy-Connection: Keep-Alive
  
  -------------------------------------------
  
  HTTP/1.1 200 OK
  Date: Thu, 27 Mar 2008 06:34:52 GMT
  Server: Apache/1.3.37 (Unix) FrontPage/5.0.2.2635 PHP/4.4.8
  X-Powered-By: PHP/4.4.8
  Set-Cookie: POSTNUKESID=f52ea0591ec76826470dd41bad0ae8a9; expires=Sun, 30 Mar 2008 06:34:52 GMT; path=/
  Expires: Thu, 19 Nov 1981 08:52:00 GMT
  Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
  Pragma: no-cache
  Set-Cookie: POSTNUKESID=2782817bbf0c617c0d82f105e2342606; expires=Sun, 30 Mar 2008 06:34:52 GMT; path=/
  Transfer-Encoding: chunked
  Content-Type: text/html
  
  -------------------------------------------
  
  GET /index.php?module=Users%20Manager&func=loginscreen HTTP/1.1
  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-silverlight, */*
  Accept-Language: da
  UA-CPU: x86
  Accept-Encoding: gzip, deflate
  User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)
  Host: www.fjeldgruppen.dk
  Proxy-Connection: Keep-Alive
  Cookie: POSTNUKESID=2782817bbf0c617c0d82f105e2342606;
  
  -------------------------------------------
  
  POST /index.php?module=Users%20Manager&func=login HTTP/1.1
  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-silverlight, */*
  Referer: http://www.fjeldgruppen.dk/index.php?module=Users%20Manager&func=loginscreen
  Accept-Language: da
  Content-Type: application/x-www-form-urlencoded
  UA-CPU: x86
  Accept-Encoding: gzip, deflate
  User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)
  Proxy-Connection: Keep-Alive
  Content-Length: 118
  Host: www.fjeldgruppen.dk
  Pragma: no-cache
  Cookie: POSTNUKESID=2782817bbf0c617c0d82f105e2342606;
  
  *** Login OK
  
  
  === fjeldgruppen.dk ===
  
  GET /index.php HTTP/1.1
  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-silverlight, */*
  Accept-Language: da
  UA-CPU: x86
  Accept-Encoding: gzip, deflate
  User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)
  Host: fjeldgruppen.dk
  Proxy-Connection: Keep-Alive
  
  -------------------------------------------
  
  HTTP/1.1 200 OK
  Date: Thu, 27 Mar 2008 06:38:27 GMT
  Server: Apache/1.3.37 (Unix) FrontPage/5.0.2.2635 PHP/4.4.8
  X-Powered-By: PHP/4.4.8
  Set-Cookie: POSTNUKESID=9f38ce4cbdb137a034605d8929deb3aa; expires=Sun, 30 Mar 2008 06:38:27 GMT; path=/
  Expires: Thu, 19 Nov 1981 08:52:00 GMT
  Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
  Pragma: no-cache
  Set-Cookie: POSTNUKESID=e3627d49925bf3da65f2269067908613; expires=Sun, 30 Mar 2008 06:38:27 GMT; path=/
  Transfer-Encoding: chunked
  Content-Type: text/html
  
  -------------------------------------------
  
  GET /index.php?module=Users%20Manager&func=loginscreen HTTP/1.1
  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-silverlight, */*
  Accept-Language: da
  UA-CPU: x86
  Accept-Encoding: gzip, deflate
  User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)
  Host: fjeldgruppen.dk
  Proxy-Connection: Keep-Alive
  Cookie: POSTNUKESID=e3627d49925bf3da65f2269067908613
  
  -------------------------------------------
  
  HTTP/1.1 200 OK
  Date: Thu, 27 Mar 2008 06:40:30 GMT
  Server: Apache/1.3.37 (Unix) FrontPage/5.0.2.2635 PHP/4.4.8
  X-Powered-By: PHP/4.4.8
  Expires: Thu, 19 Nov 1981 08:52:00 GMT
  Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
  Pragma: no-cache
  Transfer-Encoding: chunked
  Content-Type: text/html
  
  -------------------------------------------
  
  POST /index.php?module=Users%20Manager&func=login HTTP/1.1
  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-silverlight, */*
  Referer: http://fjeldgruppen.dk/index.php?module=Users%20Manager&func=loginscreen
  Accept-Language: da
  Content-Type: application/x-www-form-urlencoded
  UA-CPU: x86
  Accept-Encoding: gzip, deflate
  User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)
  Proxy-Connection: Keep-Alive
  Content-Length: 114
  Host: fjeldgruppen.dk
  Pragma: no-cache
  Cookie: POSTNUKESID=e3627d49925bf3da65f2269067908613
  
  -------------------------------------------
  
  HTTP/1.1 302 Found
  Date: Thu, 27 Mar 2008 06:41:56 GMT
  Server: Apache/1.3.37 (Unix) FrontPage/5.0.2.2635 PHP/4.4.8
  X-Powered-By: PHP/4.4.8
  Expires: Thu, 19 Nov 1981 08:52:00 GMT
  Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
  Pragma: no-cache
  Set-Cookie: POSTNUKESID=08591407e479d8d09322cd26405b9673; expires=Sun, 30 Mar 2008 06:41:57 GMT; path=/
  Location: http://fjeldgruppen.dk/
  Transfer-Encoding: chunked
  Content-Type: text/html
  
  
  *** Login OK
  
  
  === www.fjeldgruppen.dk ===
  
  
  GET /index.php?module=Users%20Manager&func=loginscreen HTTP/1.1
  Accept: */*
  Referer: http://www.fjeldgruppen.dk/index.php?module=Users%20Manager
  Accept-Language: da
  UA-CPU: x86
  Accept-Encoding: gzip, deflate
  User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)
  Proxy-Connection: Keep-Alive
  Host: www.fjeldgruppen.dk
  Pragma: no-cache
  Cookie: POSTNUKESID=08591407e479d8d09322cd26405b9673; POSTNUKESID=29201419679d0593689a94ee1884f8d8
  
  -------------------------------------------
  
  HTTP/1.1 200 OK
  Date: Thu, 27 Mar 2008 06:43:45 GMT
  Server: Apache/1.3.37 (Unix) FrontPage/5.0.2.2635 PHP/4.4.8
  X-Powered-By: PHP/4.4.8
  Expires: Thu, 19 Nov 1981 08:52:00 GMT
  Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
  Pragma: no-cache
  Set-Cookie: POSTNUKESID=94bc4d9659708b7d2d43ebf1561fe7ab; expires=Sun, 30 Mar 2008 06:43:46 GMT; path=/
  Transfer-Encoding: chunked
  Content-Type: text/html
  
  -------------------------------------------
  
  POST /index.php?module=Users%20Manager&func=login HTTP/1.1
  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-silverlight, */*
  Referer: http://www.fjeldgruppen.dk/index.php?module=Users%20Manager&func=loginscreen
  Accept-Language: da
  Content-Type: application/x-www-form-urlencoded
  UA-CPU: x86
  Accept-Encoding: gzip, deflate
  User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)
  Proxy-Connection: Keep-Alive
  Content-Length: 156
  Host: www.fjeldgruppen.dk
  Pragma: no-cache
  Cookie: POSTNUKESID=08591407e479d8d09322cd26405b9673; POSTNUKESID=94bc4d9659708b7d2d43ebf1561fe7ab
  
  -------------------------------------------
  
  HTTP/1.1 302 Found
  Date: Thu, 27 Mar 2008 06:44:58 GMT
  Server: Apache/1.3.37 (Unix) FrontPage/5.0.2.2635 PHP/4.4.8
  X-Powered-By: PHP/4.4.8
  Expires: Thu, 19 Nov 1981 08:52:00 GMT
  Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
  Pragma: no-cache
  Set-Cookie: POSTNUKESID=6b9cd5a23024a5befa7a68bde5a55ff6; expires=Sun, 30 Mar 2008 06:44:58 GMT; path=/
  Location: http://www.fjeldgruppen.dk/index.php?module=Users%20Manager&func=loginscreen
  Transfer-Encoding: chunked
  Content-Type: text/html
  
  
  *** Login FAILED
  
  
  POST /index.php?module=Users%20Manager&func=login HTTP/1.1
  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-silverlight, */*
  Referer: http://www.fjeldgruppen.dk/index.php?module=Users%20Manager&func=loginscreen
  Accept-Language: da
  Content-Type: application/x-www-form-urlencoded
  UA-CPU: x86
  Accept-Encoding: gzip, deflate
  User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)
  Proxy-Connection: Keep-Alive
  Content-Length: 177
  Host: www.fjeldgruppen.dk
  Pragma: no-cache
  Cookie: POSTNUKESID=08591407e479d8d09322cd26405b9673; POSTNUKESID=bd9e67ff8d065ca9111a72c0c730e551
  
  -------------------------------------------
  
  HTTP/1.1 302 Found
  Date: Thu, 27 Mar 2008 06:46:28 GMT
  Server: Apache/1.3.37 (Unix) FrontPage/5.0.2.2635 PHP/4.4.8
  X-Powered-By: PHP/4.4.8
  Expires: Thu, 19 Nov 1981 08:52:00 GMT
  Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
  Pragma: no-cache
  Set-Cookie: POSTNUKESID=0322d595274ed40b364a86207b27f1df; expires=Sun, 30 Mar 2008 06:46:28 GMT; path=/
  Location: http://www.fjeldgruppen.dk/index.php?module=Users%20Manager&func=loginscreen
  Transfer-Encoding: chunked
  Content-Type: text/html
  
  
  *** Login FAILED again

  • 
  •  
• JørnWildt
  
  

  • Rank: Helper
  • Registered: 02.07.02
  • last visit: 21.10.09
  • Posts: 240

  Posted: 27.03.2008, 08:12

  This is what happens:
  
  1) I open www.fjeldgruppen.dk and get one POSTNUKESID cookie issued. Login works.
  
  2) I open fjeldgruppen.dk and get a new POSTNUKESID cookie issued. Login works.
  
  3) Back to www.fjeldgruppen.dk where I now POST TWO POSTNUKESID cookies (one for each domain). Login FAILS.
  
  So apparently either PHP og PostNuke chokes on the fact that there are two POSTNUKESID cookies.
  
  Maybe a solution would be to postfix POSTNUKESID with the sub-domoain? Then the session cookie names would be "POSTNUKESID" and "POSTNUKESID-www".

  • 
  •  
• JørnWildt
  
  

  • Rank: Helper
  • Registered: 02.07.02
  • last visit: 21.10.09
  • Posts: 240

  Posted: 27.03.2008, 08:14

  I cannot always repeat this. I assume this is because the sequece of the two POSTNUKESID cookies changes - sometimes the correct one comes first, some times it does not. But I am not sure about this.

  • 
  •  
• larsneo
  
  

  • Rank: Software Foundation
  • Registered: 31.12.69
  • last visit: 21.10.09
  • Posts: 3815

  Posted: 27.03.2008, 08:26

  can you redirect all requests to the 'www' subdomain for testing purposes?
  
  a simple .htaccess will do the job:
  

  Quote

  # rewrite to www
  RewriteCond %{HTTP_HOST} !^www\.fjeldgruppen.\.dk$
  RewriteRule ^(.*)$ http://www.fjeldgruppen.dk/ [L,R=301]

  
  
  --
  regards from germany
  ..::[Zikula Application Framework]::.. ..::[SEO-Blog]::.. ..::[CMS Sicherheit]::..

  • 
  •  
• JørnWildt
  
  

  • Rank: Helper
  • Registered: 02.07.02
  • last visit: 21.10.09
  • Posts: 240

  Posted: 27.03.2008, 09:50

  Lars: now I am not able to use fjeldgruppen.dk due to the redirect which always lands me on www.fjeldgruppen.dk. I assume this is what you wanted.
  
  The result is that I never get a cookie for fjeldgruppen.dk (without www.) - and now it works, I am unable to reproduce the error, and I never send more than one cookie.
  
  So this "works for me" - but it does not solve the issue when you have multiple websites on multiple sub-domains.

  • 
  •  
•  
•  

Users online

• TakeIT2,
• Yokav,
• mjturn,
• slam

This list is based on the users active over the last 60 minutes.