On Jun 14, 8:53 am, Jan Murre <[email protected]> wrote: > Hi, > > We are running a Django 1.0 site on PostgreSQL 8.1 (on a Debian > server). We are using the 'db' backend for sessions. Trouble is that > our users cannot log in to the site anymore, which is quite serious of > course. Users with an existing session cookie can access the site > without trouble, but loggin in does not work. > When the login screen is shown, there is a 'sessionid' cookie in the > response. When I inspect the Postgres database for this cookie it is > either not existing or the cookie is completely empty (only '{}', so the > testcookie is not set). Trying to log in after that gives the "Looks > like your browser isn't configured to accept cookies." message. The > same website in a test enviroment works completely fine. Anyone knows > about this kind of sessioning problems? Any help is greatly > appreciated. > > Regards, Jan
Hi, Just for the record, in case someone else runs into problems like this. Our problem turned out to be the spiders. We have > 1000 spider requests per hour. Every spider request of a page, because there is no session cookie in the request of course, creates a session. This prevented users to log in. We solved it by user-agent blacklisting based and preventing a session to be created for spider requests. Strange though, that under heavy load sessions are created for login attempts, where these sessions turn out to be 'crippled', preventing a proper login. The Django code seems ok, maybe PostgreSQL is to blame? Regards, Jan -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
