Hi Paulo,
does the user's IP address stay the same? I've had problems with
sessions getting lost when the user was behind a set of
load-balanced proxies; when requests from the same user went through
different proxy machines, they ended up with different IP addresses
and the session hijacking prevention kicked in (see the
xmlui.session.ipcheck property, I'm not sure what the equivalent is
for JSPUI if that's what you're using).
cheers,
Andrea
On 11/03/15 03:59, Paulo Graça wrote:
Some people have reported us that they are losing the
authenticated session after clicking on the handle link, on the
screen after the item is published.
We are using version 3.2 of DSpace on CentoOS 6.5. And the user
was using Internet Explorer 10 with compatibility mode
(identifying himself as IE7) on Windows 7.
What the user does?
1. Submits the item
2. Goes to his personal area and accepts the task for that item
(has work-flow in the collection)
3. Edit the item as a reviewer and adds more metadata
4. Publishes the item and a handle is assign
5. On the confirmation page, clicks on the handle link
What sometimes happens?
The user loses is authenticated session
What we verified?
. The item is correctly published
. This issue happens when:
Before the pattern:
apache_access.log
USER_IP -
- [06/Mar/2015:14:35:17 +0000] "POST /mydspace HTTP/1.1" 200
12937 "http://example.com/mydspace"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1;
Trident/6.0)" 433873
dspace.log
2015-03-06 14:35:17,700 INFO
org.dspace.workflow.WorkflowManager @ USER@HOST:session_id=SESSION_ID_ENDS_WITH_C20436F:ip_addr=USER_IP:advance_workflow:workflow_item_id=16200,item_id=16945,collection_id=223,old_state=4,new_state=7
2015-03-06 14:35:17,713 INFO org.dspace.search.DSIndexer @
Writing Item: HANDLE_PREFIX/16836 to Index
2015-03-06 14:35:17,716 INFO org.dspace.search.DSIndexer @
Wrote Item: HANDLE_PREFIX/16836 to Index
2015-03-06 14:35:17,876 INFO
org.dspace.usage.LoggerUsageEventListener @
USER@HOST:session_id=SESSION_ID_ENDS_WITH_C20436F:ip_addr=USER_IP:advanced_workflow_workflow:workflow_id=16200
After the pattern:
apache_access.log
USER_IP -
- [06/Mar/2015:14:35:19 +0000] "GET
/handle/HANDLE_PREFIX/16836 HTTP/1.1" 200 34333 "-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1;
Trident/6.0)" 29615
dspace.log
2015-03-06
14:35:19,987 INFO org.dspace.app.webui.servlet.HandleServlet
@ anonymous:session_id=SESSION_ID_ENDS_WITH_BD2F787:ip_addr=USER_IP:view_item:handle=HANDLE_PREFIX/16836
What we asked them to do?
1. Try 1 week with a different browser (Firefox 31.3.0)
2. Try 1 week without the compatibility mode (Internet Explorer
10).
What were the results?
After the first week the problem didn't occurred with Firefox. On
the second week the problem occurred with Internet Explorer.
Any ideas what might be the problem with Internet Explorer/handle
system?
Note: the http to https switch issue doesn't occur in this case.
------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
DSpace-tech mailing list
DSpace-tech@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/dspace-tech
List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
--
Dr Andrea Schweer
IRR Technical Specialist, ITS Information Systems
The University of Waikato, Hamilton, New Zealand
+64-7-837 9112
|
------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
DSpace-tech mailing list
DSpace-tech@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/dspace-tech
List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
