On Wed, Dec 09, 2009 at 11:40:32AM -0800, David Griffith wrote: > Go to http://foobar.com/rt and you see the RT login screen. Login as an > unprivileged user (Alice). The username and password field will blank > out. Type in Alice's username and password again, and you'll be logged in > as Alice. That's the first part of the bug.
What happens at http://foobar.com/rt/ vs /rt Also, what is your URL after the initial failed login? > The second part is when you > type in the username-password the second time. If at that point you > attempt to log in as a privileged user, you'll log in, but your > permissions are that of an unprivileged user. This sounds like the initial login worked enough to get you redirected to /rt/SelfService/ which would certainly make it appear that you're an unprivileged user when you then log in as Bob (the privileged user) -kevin
pgprtiu69AkxH.pgp
Description: PGP signature
_______________________________________________ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: [email protected] Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com
