Hi,
(I read the jan+dec+nov -developer and -users archives, sorry
if this problem was solved but I haven't noticed it. I couldn't
do a more thorough archive search, as SourceForge was being
stalled all the time.)
The problem:
After some (untraceable...) change in the system config, SQ
stopped maintaining the logon session properly. (Note: no obscure
changes have been made, but only things like package upgrades,
some minor config file changes etc. could have been done.)
Users cannot stay logged-in in, as if the session prematurely
expired. We can login sometimes, we can even browse mails sometimes,
but sooner or later SQ drops us off with:
ERROR
You must be logged in to access this page.
Go to the login page
Often, this happens right after hitting the login button on
the login page.
Here's the session file contents, right after hitting the LOGIN
button (domain/user info faked below):
sq_base_url|s:26:"http://webmail.xxxxx.yyy";base_uri|s:1:"/";onetimepad|s:16:"AvJ7/5Fm
4qD5tw==";sqimap_capabilities|a:14:{s:9:"IMAP4REV1";b:1;s:10:"X-NETSCAPE";b:1;s:4:"IDLE"
;b:1;s:9:"NAMESPACE";b:1;s:17:"MAILBOX-REFERRALS";b:1;s:6:"BINARY";b:1;s:8:"UNSELECT";b:
1;s:4:"SCAN";b:1;s:4:"SORT";b:1;s:6:"THREAD";s:14:"ORDEREDSUBJECT";s:11:"MULTIAPPEND";b:
1;s:15:"LOGIN-REFERRALS";b:1;s:8:"STARTTLS";b:1;s:4:"AUTH";s:7:"LOGIN
";}delimiter|s:1:"/";username|s:5:"user1";user_is_logged_in|b:1;just_logged_in|b:1;attac
hment_common_types|a:7:{s:9:"image/gif";b:1;s:15:"image/x-xbitmap";b:1;s:10:"image/jpeg"
;b:1;s:11:"image/pjpeg";b:1;s:15:"application/pdf";b:1;s:29:"application/x-shockwave-fla
sh";b:1;s:3:"*/*";b:1;}attachment_common_types_parsed|a:0:{}prefs_cache|a:23:{s:12:"chos
en_theme";s:30:"../config/deepocean2_theme.php";s:17:"show_html_default";s:1:"0";s:4:"so
rt";s:1:"0";s:13:"javascript_on";s:1:"1";s:8:"hililist";s:6:"a:0:{}";s:9:"full_name";s:1
4:"Some User Name";s:13:"email_address";s:11:"[EMAIL
PROTECTED]";s:10:"prefix_sig";s:1:"0";s:2
4:"collapse_folder_mail/fun";s:1:"1";s:30:"collapse_folder_mail/old-mails";s:1:"1";s:27:
"collapse_folder_mail/people";s:1:"1";s:22:"include_self_reply_all";s:1:"0";s:20:"show_x
mailer_default";s:1:"1";s:15:"compose_new_win";s:1:"1";s:9:"left_size";s:3:"180";s:11:"h
our_format";s:1:"1";s:10:"custom_css";s:11:"sans-10.css";s:28:"collapse_folder_mail/proj
ect";s:1:"1";s:8:"language";s:5:"en_US";s:14:"compose_height";s:3:"740";s:24:"use_javasc
ript_addr_book";s:1:"1";s:13:"compose_width";s:3:"800";s:29:"collapse_folder_mail/feedba
ck";s:1:"1";}prefs_are_cached|b:1;
And a new session file just after the login attempt:
session_expired_post|a:0:{}session_expired_location|s:16:"/src/webmail.php";
Huhh?!
I have Debian (fresh) unstable with Apache 1.3.29.0.1-3 and
PHP4 4.3.3-4 with this session config:
[Session]
session.save_handler = files ; handler used to store/retrieve data
#session.save_handler = mm
session.save_path = /tmp ; argument passed to save_handler
; in the case of files, this is the
; path where data files are stored
session.use_cookies = 1 ; whether to use cookies
session.name = PHPSESSID
; name of the session
; is used as cookie name
session.auto_start = 0 ; initialize session on request startup
session.cookie_lifetime = 0 ; lifetime in seconds of cookie
; or if 0, until browser is restarted
session.cookie_path = / ; the path the cookie is valid for
session.cookie_domain = ; the domain the cookie is valid for
session.serialize_handler = php ; handler used to serialize data
; php is the standard serializer of PHP
session.gc_probability = 1 ; percentual probability that the
; 'garbage collection' process is started
; on every session initialization
session.gc_maxlifetime = 1440 ; after this number of seconds, stored
; data will be seen as 'garbage' and
; cleaned up by the gc process
session.referer_check = ; check HTTP Referer to invalidate
; externally stored URLs containing ids
session.entropy_length = 0 ; how many bytes to read from the file
session.entropy_file = ; specified here to create the session id
; session.entropy_length = 16
; session.entropy_file = /dev/urandom
session.cache_limiter = nocache ; set to {nocache,private,public} to
; determine HTTP caching aspects
session.cache_expire = 180 ; document expires after n minutes
session.use_trans_sid = 1 ; use transient sid support if enabled
; by compiling with --enable-trans-sid
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
Thank a lot for any tips!
Cheers,
Sz.
-------------------------------------------------------
This SF.net email is sponsored by: Perforce Software.
Perforce is the Fast Software Configuration Management System offering
advanced branching capabilities and atomic changes on 50+ platforms.
Free Eval! http://www.perforce.com/perforce/loadprog.html
--
squirrelmail-users mailing list
List Address: [EMAIL PROTECTED]
List Archives: http://sourceforge.net/mailarchive/forum.php?forum_id=2995
List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
