> > > > > > > > > > This was a fix for users going to http://rt.server/ and logging in and > > > > > losing the cookie when being redirected by mod_perl to > > > > > http://rt.server/SelfService/ > > > > > > > > > > Again, not sure what fix you applied, so it's hard to comment further. > > > > > > > > It was the 3.8 session fixation patch. > > > > > > So, that fixed the double login or caused it? > > > > It caused it. I removed the second half of the test in the unless > > just like the mention in the thread. Then it worked again, but > > with what consequences? > > That change should be fine. > > The actual 3.8.6 (which contains a fix) completely rewrites the code > path. Unfortunately, it's hard to comment more on a patch from 2009 > without a lot more digging. > > -kevin
I understand and thank you for taking a quick look. We have an update to 3.8.10 scheduled. Regards, Ken