http://noc.postnuke.com/tracker/index.php?func=detail&aid=15902&group_id=5&atid=101
We had several reports of login problems with .8 RC3. Please test your installations with as many browsers as possible. We have no clue at all, if this problem really exists and if it exists, what it is related to.
This is the last big bug before the final release! So if you want a quick final, put all your energy into this!
--
best regards from Kiel, sailing city
Steffen Voss
Member of the Zikula Steering Committee
Read The Zikulan's Blog "If you want people to RTFM, make a better FM!"
Forum Activity
- mdee responded to »Different page content under one template (tpl file) based on URL« 07:17 AM
- Guite responded to »Remove contents of nuke_sc_anticracker from Database« 01:30 AM
- espaan responded to »Categories disappear when editing ...« 08. Feb
- eledril responded to »How decrease zikula cpu usage« 08. Feb
- jmvaughn responded to »PN 0.764 to Zikula 1.1.2 (migration) Internal Server Error« 08. Feb
- eledril created topic »Where can I download BBCode and BBSmile?« 08. Feb
- Paustian responded to »Need Feedback« 08. Feb
Zikula Blog
- Anatomy of Open Source Projects on Mar 07
- Continuous Review on Mar 01
- Not Invented Here on Feb 24
- How to Contribute Your Code at Github on Jan 13
- 10 Steps to Coding-Nirvana: Tips for Successful Module Writing on Nov 12
- Submitting Bug Report Tickets That Get Results on Aug 17
- Cozi Tricks #1: Syntax Highlighting on Aug 07
Login
Core-Devs need your help: Login Problems
-
- Rank: Software Foundation
- Registered: Sep 03, 2002
- Last visit: May 09, 2010
- Posts: 909
Posted: Mar 25, 2008 - 03:40 AM
-
- Rank: Developer
- Registered: Mar 29, 2005
- Last visit: Mar 13, 2010
- Posts: 228
Posted: Mar 25, 2008 - 04:24 AM
The only login problem I've been able to found is related to this topic: http://community.postnuke.com/module-Forum-viewtopic-topic-54177-start-15.htm
If you have the caching enabled, after some logout/login or wrong password, you won't be able to login again until the cache expires (I suppose).
I cannot see any problem without the caching system enabled...
Do we know if the two guys who reported the bug are using PN with or without the caching enabled?
--
Zikula Italia
SimpleGallery -
- Rank: Team Member
- Registered: Sep 06, 2006
- Last visit: May 09, 2010
- Posts: 2411
Posted: Mar 25, 2008 - 04:56 AM
nope, the cache is disabled
currently i have two broken sites and Dave has others...
The problems seems related with the Cookies in some environments...
--
- Mateo T. -
Mis principios... son mis fines -
- Rank: Developer
- Registered: Mar 29, 2005
- Last visit: Mar 13, 2010
- Posts: 228
Posted: Mar 25, 2008 - 05:06 AM
Is it possibile to know more or less the server configuration?
Are you able to reproduce the error?
Do you get any error? What?
edited by: Arthens, Mar 25, 2008 - 06:10 PM
--
Zikula Italia
SimpleGallery -
- Rank: Team Member
- Registered: Sep 06, 2006
- Last visit: May 09, 2010
- Posts: 2411
Posted: Mar 25, 2008 - 06:21 AM
We are looking deep with Chris hildebrandt (slam) about this issue,
by now seems that some servers randomly gets the cookie duplication.
There's no error message, because the session is lost as consequence of the dummy cookie.
I've tested a lot and move some code on SessionUtil to try solutions, but no total luck. I still have a cookie with path "/" that overrides my good cookie that has the path "/PostNuke08/" (when my site is located in a subfolder called /PostNuke08)...
--
- Mateo T. -
Mis principios... son mis fines -
- Rank: Team Member
- Registered: Dec 07, 2003
- Last visit: May 09, 2010
- Posts: 2703
Posted: Mar 25, 2008 - 01:52 PM
Arthens
I cannot see any problem without the caching system enabled...
Do we know if the two guys who reported the bug are using PN with or without the caching enabled?
Well, I can reproduce the error on my server, without caching enabled. Chris, seems very knowledgeable about apache, and while my server is not perfect, it seems adequate.. with no fatal problems. I am not the only one with the issue, of course, but I have many relationships within the PN community so, my server has become the primary focus of the investigation, as it is accessible. But the issue is 'reproducible' and demonstrable, and severe.
I guess since there is a bug report, and it is documented in the forums, we do not really have an idea of how wide spread the issue is.
I will try to contact those who have had login issues, and see if we can gather more data.
If anyone is having this issue, please let us know.
--
David Pahl
Zikula Support Team -
- Rank: Softmore
- Registered: Jul 02, 2002
- Last visit: Oct 21, 2009
- Posts: 240
Posted: Mar 26, 2008 - 01:42 AM
David, can you give me access to your server, so that I may try it out and see if I can figure out something? Please mail me: jw at fjeldgruppen dot dk -
- Rank: Developer
- Registered: Mar 29, 2005
- Last visit: Mar 13, 2010
- Posts: 228
Posted: Mar 26, 2008 - 02:11 AM
AmmoDump
Well, I can reproduce the error on my server
Well, How?
I mean... is the issue evident or you have to do something particular for reproduce it?
I'd like to reproduce it too for trying to help.
--
Zikula Italia
SimpleGallery -
- Rank: Team Member
- Registered: Dec 07, 2003
- Last visit: May 09, 2010
- Posts: 2703
Posted: Mar 26, 2008 - 06:00 AM
What we got:
I newer SVN (but I first had issues with pre-RC3 SVNs)
A subdomain which contains the PN install.
A cookie is produced for the for the subdomain (expected) and the root domain (not expected). The subdomain cookie is good, as long as not logged out.
Upon trying to login for a second time, we get an auth failure, due to the root cookie.
If the root cookie is deleted, login will pass.
But the root cookie is created again.
This happens on very different versions of apache/php/mysql.
There is some speculation as to why(ish)... but nothing we can confirm.
--
David Pahl
Zikula Support Team -
- Rank: Developer
- Registered: Mar 29, 2005
- Last visit: Mar 13, 2010
- Posts: 228
Posted: Mar 26, 2008 - 08:53 AM
I don't know if it could be related, but everytime I login and logout... I have a cookie created, but never deleted.
After nine login and logout I have nine cookies.
--
Zikula Italia
SimpleGallery -
- Rank: Softmore
- Registered: Jul 02, 2002
- Last visit: Oct 21, 2009
- Posts: 240
Posted: Mar 26, 2008 - 08:07 PM
Here is a sample request/response that eventually fails. Comments follow in next post:
Code
=== www.fjeldgruppen.dk ===
GET / HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-silverlight, */*
Accept-Language: da
UA-CPU: x86
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)
Host: www.fjeldgruppen.dk
Proxy-Connection: Keep-Alive
-------------------------------------------
HTTP/1.1 200 OK
Date: Thu, 27 Mar 2008 06:34:52 GMT
Server: Apache/1.3.37 (Unix) FrontPage/5.0.2.2635 PHP/4.4.8
X-Powered-By: PHP/4.4.8
Set-Cookie: POSTNUKESID=f52ea0591ec76826470dd41bad0ae8a9; expires=Sun, 30 Mar 2008 06:34:52 GMT; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: POSTNUKESID=2782817bbf0c617c0d82f105e2342606; expires=Sun, 30 Mar 2008 06:34:52 GMT; path=/
Transfer-Encoding: chunked
Content-Type: text/html
-------------------------------------------
GET /index.php?module=Users%20Manager&func=loginscreen HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-silverlight, */*
Accept-Language: da
UA-CPU: x86
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)
Host: www.fjeldgruppen.dk
Proxy-Connection: Keep-Alive
Cookie: POSTNUKESID=2782817bbf0c617c0d82f105e2342606;
-------------------------------------------
POST /index.php?module=Users%20Manager&func=login HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-silverlight, */*
Referer: http://www.fjeldgruppen.dk/index.php?module=Users%20Manager&func=loginscreen
Accept-Language: da
Content-Type: application/x-www-form-urlencoded
UA-CPU: x86
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)
Proxy-Connection: Keep-Alive
Content-Length: 118
Host: www.fjeldgruppen.dk
Pragma: no-cache
Cookie: POSTNUKESID=2782817bbf0c617c0d82f105e2342606;
*** Login OK
=== fjeldgruppen.dk ===
GET /index.php HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-silverlight, */*
Accept-Language: da
UA-CPU: x86
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)
Host: fjeldgruppen.dk
Proxy-Connection: Keep-Alive
-------------------------------------------
HTTP/1.1 200 OK
Date: Thu, 27 Mar 2008 06:38:27 GMT
Server: Apache/1.3.37 (Unix) FrontPage/5.0.2.2635 PHP/4.4.8
X-Powered-By: PHP/4.4.8
Set-Cookie: POSTNUKESID=9f38ce4cbdb137a034605d8929deb3aa; expires=Sun, 30 Mar 2008 06:38:27 GMT; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: POSTNUKESID=e3627d49925bf3da65f2269067908613; expires=Sun, 30 Mar 2008 06:38:27 GMT; path=/
Transfer-Encoding: chunked
Content-Type: text/html
-------------------------------------------
GET /index.php?module=Users%20Manager&func=loginscreen HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-silverlight, */*
Accept-Language: da
UA-CPU: x86
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)
Host: fjeldgruppen.dk
Proxy-Connection: Keep-Alive
Cookie: POSTNUKESID=e3627d49925bf3da65f2269067908613
-------------------------------------------
HTTP/1.1 200 OK
Date: Thu, 27 Mar 2008 06:40:30 GMT
Server: Apache/1.3.37 (Unix) FrontPage/5.0.2.2635 PHP/4.4.8
X-Powered-By: PHP/4.4.8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Transfer-Encoding: chunked
Content-Type: text/html
-------------------------------------------
POST /index.php?module=Users%20Manager&func=login HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-silverlight, */*
Referer: http://fjeldgruppen.dk/index.php?module=Users%20Manager&func=loginscreen
Accept-Language: da
Content-Type: application/x-www-form-urlencoded
UA-CPU: x86
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)
Proxy-Connection: Keep-Alive
Content-Length: 114
Host: fjeldgruppen.dk
Pragma: no-cache
Cookie: POSTNUKESID=e3627d49925bf3da65f2269067908613
-------------------------------------------
HTTP/1.1 302 Found
Date: Thu, 27 Mar 2008 06:41:56 GMT
Server: Apache/1.3.37 (Unix) FrontPage/5.0.2.2635 PHP/4.4.8
X-Powered-By: PHP/4.4.8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: POSTNUKESID=08591407e479d8d09322cd26405b9673; expires=Sun, 30 Mar 2008 06:41:57 GMT; path=/
Location: http://fjeldgruppen.dk/
Transfer-Encoding: chunked
Content-Type: text/html
*** Login OK
=== www.fjeldgruppen.dk ===
GET /index.php?module=Users%20Manager&func=loginscreen HTTP/1.1
Accept: */*
Referer: http://www.fjeldgruppen.dk/index.php?module=Users%20Manager
Accept-Language: da
UA-CPU: x86
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)
Proxy-Connection: Keep-Alive
Host: www.fjeldgruppen.dk
Pragma: no-cache
Cookie: POSTNUKESID=08591407e479d8d09322cd26405b9673; POSTNUKESID=29201419679d0593689a94ee1884f8d8
-------------------------------------------
HTTP/1.1 200 OK
Date: Thu, 27 Mar 2008 06:43:45 GMT
Server: Apache/1.3.37 (Unix) FrontPage/5.0.2.2635 PHP/4.4.8
X-Powered-By: PHP/4.4.8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: POSTNUKESID=94bc4d9659708b7d2d43ebf1561fe7ab; expires=Sun, 30 Mar 2008 06:43:46 GMT; path=/
Transfer-Encoding: chunked
Content-Type: text/html
-------------------------------------------
POST /index.php?module=Users%20Manager&func=login HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-silverlight, */*
Referer: http://www.fjeldgruppen.dk/index.php?module=Users%20Manager&func=loginscreen
Accept-Language: da
Content-Type: application/x-www-form-urlencoded
UA-CPU: x86
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)
Proxy-Connection: Keep-Alive
Content-Length: 156
Host: www.fjeldgruppen.dk
Pragma: no-cache
Cookie: POSTNUKESID=08591407e479d8d09322cd26405b9673; POSTNUKESID=94bc4d9659708b7d2d43ebf1561fe7ab
-------------------------------------------
HTTP/1.1 302 Found
Date: Thu, 27 Mar 2008 06:44:58 GMT
Server: Apache/1.3.37 (Unix) FrontPage/5.0.2.2635 PHP/4.4.8
X-Powered-By: PHP/4.4.8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: POSTNUKESID=6b9cd5a23024a5befa7a68bde5a55ff6; expires=Sun, 30 Mar 2008 06:44:58 GMT; path=/
Location: http://www.fjeldgruppen.dk/index.php?module=Users%20Manager&func=loginscreen
Transfer-Encoding: chunked
Content-Type: text/html
*** Login FAILED
POST /index.php?module=Users%20Manager&func=login HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-silverlight, */*
Referer: http://www.fjeldgruppen.dk/index.php?module=Users%20Manager&func=loginscreen
Accept-Language: da
Content-Type: application/x-www-form-urlencoded
UA-CPU: x86
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)
Proxy-Connection: Keep-Alive
Content-Length: 177
Host: www.fjeldgruppen.dk
Pragma: no-cache
Cookie: POSTNUKESID=08591407e479d8d09322cd26405b9673; POSTNUKESID=bd9e67ff8d065ca9111a72c0c730e551
-------------------------------------------
HTTP/1.1 302 Found
Date: Thu, 27 Mar 2008 06:46:28 GMT
Server: Apache/1.3.37 (Unix) FrontPage/5.0.2.2635 PHP/4.4.8
X-Powered-By: PHP/4.4.8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: POSTNUKESID=0322d595274ed40b364a86207b27f1df; expires=Sun, 30 Mar 2008 06:46:28 GMT; path=/
Location: http://www.fjeldgruppen.dk/index.php?module=Users%20Manager&func=loginscreen
Transfer-Encoding: chunked
Content-Type: text/html
*** Login FAILED again -
- Rank: Softmore
- Registered: Jul 02, 2002
- Last visit: Oct 21, 2009
- Posts: 240
Posted: Mar 26, 2008 - 08:12 PM
This is what happens:
1) I open www.fjeldgruppen.dk and get one POSTNUKESID cookie issued. Login works.
2) I open fjeldgruppen.dk and get a new POSTNUKESID cookie issued. Login works.
3) Back to www.fjeldgruppen.dk where I now POST TWO POSTNUKESID cookies (one for each domain). Login FAILS.
So apparently either PHP og PostNuke chokes on the fact that there are two POSTNUKESID cookies.
Maybe a solution would be to postfix POSTNUKESID with the sub-domoain? Then the session cookie names would be "POSTNUKESID" and "POSTNUKESID-www". -
- Rank: Softmore
- Registered: Jul 02, 2002
- Last visit: Oct 21, 2009
- Posts: 240
Posted: Mar 26, 2008 - 08:14 PM
I cannot always repeat this. I assume this is because the sequece of the two POSTNUKESID cookies changes - sometimes the correct one comes first, some times it does not. But I am not sure about this. -
- Rank: Software Foundation
- Registered: Dec 31, 1969
- Last visit: Oct 21, 2009
- Posts: 3814
Posted: Mar 26, 2008 - 08:26 PM
can you redirect all requests to the 'www' subdomain for testing purposes?
a simple .htaccess will do the job:
Quote
# rewrite to www
RewriteCond %{HTTP_HOST} !^www\.fjeldgruppen.\.dk$
RewriteRule ^(.*)$ http://www.fjeldgruppen.dk/ [L,R=301]
--
regards from germany
..::[Zikula Application Framework]::.. ..::[SEO-Blog]::.. ..::[CMS Sicherheit]::.. -
- Rank: Softmore
- Registered: Jul 02, 2002
- Last visit: Oct 21, 2009
- Posts: 240
Posted: Mar 26, 2008 - 09:50 PM
Lars: now I am not able to use fjeldgruppen.dk due to the redirect which always lands me on www.fjeldgruppen.dk. I assume this is what you wanted.
The result is that I never get a cookie for fjeldgruppen.dk (without www.) - and now it works, I am unable to reproduce the error, and I never send more than one cookie.
So this "works for me" - but it does not solve the issue when you have multiple websites on multiple sub-domains.
- Moderated by:
- Support
