Re: [xwiki-users] Login cookie validation hash mismatch! Cookies have been tampered with

Solved the issue with this: The LDAP object of XWiki.XWikiPreferences must be manually switched off with the hidden flag which is available here: https://wiki.fra.shift.agency/xwiki/wiki/SUBWIKI/edit/XWiki/XWikiPreferences?editor=object -- View this message in context: http://xwiki.475771.n2

Re: [xwiki-users] Login cookie validation hash mismatch! Cookies have been tampered with

Tobias Kirchhofer wrote: > We are talking about an internal network with defined status. ok > XWiki worked > for month for us - but now the user have this problem. Is there something in > the database about the sessions which probably went wrong? Sessions are in the tomcat or jetty. paul _

Re: [xwiki-users] Login cookie validation hash mismatch! Cookies have been tampered with

We are talking about an internal network with defined status. XWiki worked for month for us - but now the user have this problem. Is there something in the database about the sessions which probably went wrong? -- View this message in context: http://xwiki.475771.n2.nabble.com/Login-cookie-val

Re: [xwiki-users] Login cookie validation hash mismatch! Cookies have been tampered with

Tobias Kirchhofer wrote: > The IP-Address is not changing during a session. Be careful. If you change from http to https or back and are on a 3g network, the IP of the client does change! The reason is that there's a transparent proxy run at the http level so as to make the exchanges more efficie

Re: [xwiki-users] Login cookie validation hash mismatch! Cookies have been tampered with

Thanks - indeed we had our time securing tomcat, XWiki with nginx but it worked finally. We investigated everything with Developer Tools - no http-requests are observable. -- View this message in context: http://xwiki.475771.n2.nabble.com/Login-cookie-validation-hash-mismatch-Cookies-have-bee

Re: [xwiki-users] Login cookie validation hash mismatch! Cookies have been tampered with

Our XWiki is running as a Intranet in a LAN. Outside users need VPN access. The IP-Address is not changing during a session. We played around with xwiki.authentication.protection - no change. xwiki.authentication.protection=none is no option because passwords in the cookie are not encrypted anymo

Re: [xwiki-users] Login cookie validation hash mismatch! Cookies have been tampered with

ur users have already done this, so it is probably not > related to this problem. > > > > ----- Ursprüngliche Nachricht ----- > Von: Tobias Kirchhofer > Am: Wednesday, 09.03.2016, 13:40 > An: Xwiki Users > Betreff: Re: [xwiki-users] Login cookie validation hash

Re: [xwiki-users] Login cookie validation hash mismatch! Cookies have been tampered with

Users Betreff: Re: [xwiki-users] Login cookie validation hash mismatch! Cookies have been tampered with > This is the message which appears after 30 minutes: > > <http://xwiki.475771.n2.nabble.com/file/n7598389/screenshot_53.png> > > "You do not have permission to view

Re: [xwiki-users] Login cookie validation hash mismatch! Cookies have been tampered with

This is the message which appears after 30 minutes: "You do not have permission to view the document or to perform that action." The we have to actively logout and close the browser window. By opening a new window and navigatin

Re: [xwiki-users] Login cookie validation hash mismatch! Cookies have been tampered with

Uh, feel a bit shy about my post and broach the subject again - is there anyone who could give us a hint where to search? Increasing the session limit to a longer period just delays the effect. Our user would be delighted ... :) -- View this message in context: http://xwiki.475771.n2.nabble.com

[xwiki-users] Login cookie validation hash mismatch! Cookies have been tampered with

We set up a new Box with a fresh install of a 7.4.1 version. While configuring and testing (permissions) everything all was perfect and clean. Then we migrated the pages from the old wiki (also 7.4.1 - we wanted a fresh install) - precisely only content pages, nothing else. Then we switched the IP