I just found this thread about Mixed sessions. We are experiencing the
same problem with RT 3.8.7, sitting behind an Apache based proxy +
load balancer. The backend is a MySQL cluster but that should not have
an impact on the user sessions.
We have two instances of RT connected to the same
This patch doesn't solve the issue. People still get mixed sessions (test was
done after deleting all sessions from sessions table and restarting apache).
Hang on. is mod_cache caching more than the files marked static, never
changes? Since this patch should stop RT from putting cookie headers
Cache: no-cache but that will prevent caching at all. Seem to be no way to
prevent caching cookies from application side.
What's the current state of browser in-memory/on-disk caching with the
Cache: no-cache header?
The attached patch against 3.8.6 might be the right solution for you. I'd
On Monday 02 of November 2009, Jesse Vincent wrote:
Cache: no-cache but that will prevent caching at all. Seem to be no way
to prevent caching cookies from application side.
What's the current state of browser in-memory/on-disk caching with the
Cache: no-cache header?
The attached patch
On Friday 30 of October 2009, Jesse Vincent wrote:
On Fri, Oct 30, 2009 at 03:13:33PM +0100, Arkadiusz Miskiewicz wrote:
On Friday 23 of October 2009, Arkadiusz Miskiewicz wrote:
On Friday 23 of October 2009, Jesse Vincent wrote:
I don't think I've ever seen this wtih RT, but I have seen
On Friday 23 of October 2009, Arkadiusz Miskiewicz wrote:
On Friday 23 of October 2009, Jesse Vincent wrote:
I don't think I've ever seen this wtih RT, but I have seen it with other
applications - the cause is _usually_ an HTTP proxy that's caching RT's
pages. Do you have any sort of
On Fri, Oct 30, 2009 at 03:13:33PM +0100, Arkadiusz Miskiewicz wrote:
On Friday 23 of October 2009, Arkadiusz Miskiewicz wrote:
On Friday 23 of October 2009, Jesse Vincent wrote:
I don't think I've ever seen this wtih RT, but I have seen it with other
applications - the cause is
On Monday 26 of October 2009, Jesse Vincent wrote:
On Mon, Oct 26, 2009 at 02:40:29PM +0200, Arkadiusz Miskiewicz wrote:
On Friday 23 of October 2009, Jerrad Pierce wrote:
A tool like the firefox developer toolbar is an easy way to do
this.
HTTPFox might be a good solution too.
On Thursday 29 of October 2009, Arkadiusz Miskiewicz wrote:
Today it happened to me. I suddently became user B in rt (opera). The real
user B had his PC running with rt opened (firefox) with autorefresh every 2
minutes set but he was away from his computer.
Now I verified his and mine RT_SID
On Thu, Oct 29, 2009 at 03:18:33PM +0100, Arkadiusz Miskiewicz wrote:
On Thursday 29 of October 2009, Arkadiusz Miskiewicz wrote:
Today it happened to me. I suddently became user B in rt (opera). The real
user B had his PC running with rt opened (firefox) with autorefresh every 2
On Thursday 29 of October 2009, Arkadiusz Miskiewicz wrote:
On Thursday 29 of October 2009, Arkadiusz Miskiewicz wrote:
Today it happened to me.
And now another story that happened just few minutes ago:
I was logged in as A with session_id/cookie let say sessA. When doing
something in rt I
On Thursday 29 of October 2009, Jesse Vincent wrote:
On Thu, Oct 29, 2009 at 03:18:33PM +0100, Arkadiusz Miskiewicz wrote:
On Thursday 29 of October 2009, Arkadiusz Miskiewicz wrote:
Today it happened to me. I suddently became user B in rt (opera). The
real user B had his PC running with
On Thu, Oct 29, 2009 at 03:30:49PM +0100, Arkadiusz Miskiewicz wrote:
On Thursday 29 of October 2009, Arkadiusz Miskiewicz wrote:
On Thursday 29 of October 2009, Arkadiusz Miskiewicz wrote:
Today it happened to me.
And now another story that happened just few minutes ago:
I was
[1] it sucks a little as it doesn't have save log capability
Right click Copy all rows
___
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
Community help: http://wiki.bestpractical.com
Commercial support: sa...@bestpractical.com
On Thursday 29 of October 2009, Jerrad Pierce wrote:
[1] it sucks a little as it doesn't have save log capability
Right click Copy all rows
That doesn't copy headers data, cookies etc
--
Arkadiusz MiśkiewiczPLD/Linux Team
arekm / maven.plhttp://ftp.pld-linux.org/
On Friday 23 of October 2009, Jerrad Pierce wrote:
A tool like the firefox developer toolbar is an easy way to do this.
HTTPFox might be a good solution too. You can simply tell it to start
tracking as you use RT, and stop it once you encounter the problem.
Examine the results, debug,
On Mon, Oct 26, 2009 at 02:40:29PM +0200, Arkadiusz Miskiewicz wrote:
On Friday 23 of October 2009, Jerrad Pierce wrote:
A tool like the firefox developer toolbar is an easy way to do this.
HTTPFox might be a good solution too. You can simply tell it to start
tracking as you use
Hi,
On Mon, Oct 26, 2009 at 14:58, Jesse Vincent je...@bestpractical.com wrote:
User B was logged in on it's own computer at that time but with totally
different session id than three above (so I assume user A become user B with
some old session of user B).
*nod*
Has _anybody_ else been
I have a very serious security problem with 3.8 installation (3.8.6
currently).
Logged User sessions are being mixed up. One logged user is becoming another
logged user as seen by rt. It happens in different moments.
For example I'm user A and after clicking to view some ticket I become
On Fri, Oct 23, 2009 at 11:24:01AM +0200, Arkadiusz Miskiewicz wrote:
I have a very serious security problem with 3.8 installation (3.8.6
currently).
Logged User sessions are being mixed up. One logged user is becoming another
logged user as seen by rt. It happens in different
On Friday 23 of October 2009, Jesse Vincent wrote:
On Fri, Oct 23, 2009 at 11:24:01AM +0200, Arkadiusz Miskiewicz wrote:
I have a very serious security problem with 3.8 installation (3.8.6
currently).
Logged User sessions are being mixed up. One logged user is becoming
another logged
No proxy. Also rt is served over https. The session is really changing user
because when trying to do something that user A has access to I get
permission
denied due to B/C not having that access.
Something else is going on.
* Can you capture the cookies on User A, User B, and User C's
On Friday 23 of October 2009, Jesse Vincent wrote:
No proxy. Also rt is served over https. The session is really changing
user because when trying to do something that user A has access to I get
permission denied due to B/C not having that access.
Something else is going on.
* Can you
A tool like the firefox developer toolbar is an easy way to do this.
HTTPFox might be a good solution too. You can simply tell it to start tracking
as you use RT, and stop it once you encounter the problem. Examine the
results, debug, and or sanitize and share.
Everyone experiencing the
Arkadiusz Miskiewicz wrote:
I have a very serious security problem with 3.8 installation (3.8.6
currently).
Logged User sessions are being mixed up. One logged user is becoming another
logged user as seen by rt. It happens in different moments.
Are you using HTTP authentication or RT's
I had this in 3.6.6, whatever was current in march 2008, april 2008 (looking
at irc logs on when I tried to get some help at #rt), 3.8.2 and now 3.8.6.
Maybe other too, don't remember versions.
Note that the issue was gone for some time (3.8.5 for sure, 3.8.4, too afaik)
but it's back
26 matches
Mail list logo