On 02/20/2013 06:07 PM, Jenny Martin wrote: > All our users authenticate using their LDAP credentials via > RT-Authen-ExternalAuth plugin. I just tried creating a local user, and > RT does the right thing when the local user logs in - it sends back a > new cookie and removes the old session data. So the problem seems to be > with the RT-Authen-ExternalAuth plugin. > > We recently upgraded from RT 4.0.4/ExternalAuth 0.9 to > RT4.0.10/ExternalAuth0.13. I can't be sure the problem didn't exist > before, but I didn't notice it.
I've dug into this. Are you by chance using Oracle for the RT database? If not, are you explicitly setting the $WebSessionClass option to Apache::Session::File? Thomas -- RT training in Amsterdam, March 20-21: http://bestpractical.com/services/training.html Help improve RT by taking our user survey: https://www.surveymonkey.com/s/N23JW9T
