On Wed, 2006-07-12 at 12:14 -0400, Covington, Chris wrote: > On Tue, Jul 11, 2006 at 01:19:02PM -0500, Kaylea Hascall wrote: > > > > Hello all, > > > > I got fed up with trying to make my previous RT install work and removed it, > > and now I'm running 3.6. The problems I was having with 3.4 are gone, but > > there's a new problem. > > > > Every time I click on anything, I have to log in again. It saves my 'state' > > as I go -- logging in again gives me the 'result' of my click. Click, log > > in, > > see confirmation screen, click, log in, see next menu, etc. Apache logs > > don't > > reveal any problems, and RT isn't logging any errors to its logfile. > > > > I searched the archives and corresponded with Shawn Plummer of CIT SUNY > > Geneseo, who reported the same (or similar) issue to the list back when 3.6 > > came out, and neither of us have come to any resolution. > > > > Has anyone found a fix for this problem? I'm running gentoo, mysql, apache2, > > mod_perl -- a combination which worked under 3.4 right up until I broke it > > by > > updating my perl modules. Maybe it is still a perl module versioning issue, > > but I don't know which module to blame :/ > > Me neither. I have had this problem for several months. I'm using > dev-perl/DBD-mysql-3.0004, perl 5.8.8, Mysql 5.0.19, FastCGI, apache 2.0.58. > My workaround is to use Apache auth instead: > > Set($WebExternalAuth , '1'); > Set($WebFallbackToInternalAuth , '1'); > Set($WebExternalGecos , undef); > Set($WebExternalAuto , '1'); > > It would be nice to fix the problem (it's cookie-related) but I haven't > been able to so far.
I had the exact same problem and it turned out to be PEBKAC. :-) I was (of course) using Firefox to access the machine, and under the "cookies" tab of Firefox's preferences I had the "unless I have removed cookies set by the site" flag checked. At some point I was testing logins for different pieces of RT, and I removed RT's cookies. (In fact, at the moment I can't recall whether I specifically removed RT's cookies, or if I just clicked the "clear all cookies" button.) In any case, after that I had exactly the problem Kaylea describes above, because Firefox saw that I had removed cookies set by my RT site, and was thus dutifully discarding RT's authentication cookie -- so my login credentials only lasted for one click. -- /Ole Craig Security Engineer 303-381-3802 (main support hotline) 303-381-3824 (my direct line) 303-381-3801 (fax) www.stillsecure.com . . . _______________________________________________ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: [EMAIL PROTECTED] Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com We're hiring! Come hack Perl for Best Practical: http://bestpractical.com/about/jobs.html
