-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Tony Lee wrote: | Now with MSIE I am getting a 'cookie problem?' page. <snip> | Yesterday I came up against the same problem with Aegir 1.0!!
The "cookie problem" check appears still to be there. Frankly, I don't know its relevance, so I would just try commenting it out for now.
Edit page Aegir CMS -> newframeset -> rcs and comment out line 53.
The relevant lines in Aegir CMS to this issue would be: page "rcs" (comments added to this email for clarification): // Get person object of the logged in user based on data from // NemeinAuth $currentuser = mgd_get_person($mgd_login[uid]);
// Split username in NemeinAuth info array to username and
// sitegroup portions
$currenttemp=explode("+",$mgd_login[username]);// Read username from the array $set[username]=$currenttemp[0];
// Check if username read from NemeinAuth info array matches
// with the one found in DB
if (strtolower($currentuser->username) != strtolower($set[username])) {
~ echo "cookie problem?"; exit;
}Note: the mgd_login array is set in snippet /AegirCore/lib/auth:
// If user is authenticated using NemeinAuth
else {
~ $mgd_login=aegir_login_data();
}aegir_login_data function looks like this (/AegirCore/lib/auth-functions):
function aegir_login_data() {
~ global $HTTP_COOKIE_VARS,$auth_userdata_pad,
~ $auth_conf,
~ $midgard;
~ $auth_sessiondata=auth_hack_session();$mgd_login["username_short"]=OTP_decrypt($auth_sessiondata["username"],$auth_userdata_pad);
$mgd_login["username"]=$mgd_login["username_short"].$auth_sessiondata["logintype"].$auth_sessiondata["sitegroup"];
$mgd_login["password"]=OTP_decrypt($auth_sessiondata["passwd"],$auth_userdata_pad); ~ $mgd_login["uid"]=$midgard->user; ~ $mgd_login["sitegroup"]=$auth_sessiondata["sitegroup"]; ~ return $mgd_login; }
Now, this looks like auth_hack_session() fails. This can be either because you have newer NemeinAuthentication installed than the one provided in stock Aegir installs (Rambo deprecated this function later), or reading the session cookie fails. auth_hack_session (in /Nemein_Authentication/Functions) looks like this:
~ function auth_hack_session() {
~ // *** Mega-hack get session data wo using php session open
~ if(!$session_path=ini_get('session.save_path'))
~ $session_path="/var/state/php";
~ if(substr($session_path,-1,1)!="/")
~ $session_path.="/";
~ $file=$session_path."sess_".session_id();
~ //echo "DEBUG: sessionfile: $file <br>\n";
~ if(file_exists($file)) {
~ $fh=fopen($file,"r");
~ if($fh) {
~ $data=fread($fh,filesize($file));
~ fclose($fh);
~ //error_reporting (E_ALL);$mucked=str_replace('auth_sessiondata|O:12:"auth_session":10',
~ 'a:10',
~ $data);
~ $auth_sessiondata=unserialize($mucked);
~ /*
~ echo "DEBUG: auth_sessiondata <pre>\n";
~ print_r($auth_sessiondata);
~ echo "</pre>\n"; reset ($auth_sessiondata);
~ */
~ }
~ else{
~ $error=localize_string("Could not open session",
~ "NemeinAuthentication",
~ $nemein_net['language']);
~ }
~ }
~ return $auth_sessiondata;
~ }Actually, I think Torben had some issue with this thing way back. Torben, was it related to the character lenghts?
| Oh and by the way, is it really a good idea to hard code the staging | server in there as being on port 8001? Personally I think keeping it on | separate subdomain works better since IE won't access ports without the | http://, and :portnumber is kind of a foreign concept to your average | content contributor.
It is not hardcoded, there is a preference in Aegir System Config. However, if you use separate subdomains you can't block access to staging in your firewall unless you use separate IPs as well.
| Tony
/Bergie
- -- Henri Bergius [EMAIL PROTECTED] Consultant Partner Tel: +358-20-198 6032 Nemein Oy http://www.nemein.com/
Nemein.Net -- Project tracking solution for consulting companies http://www.nemein.com/Nemein.Net/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE/cS7DNkT8k497k9IRApPSAJ4r8OngEEhQO5XY2hw3C7T/tMg2jgCfaG/E ubfmaKIxF8oh9y/gtAAJMvo= =CPNt -----END PGP SIGNATURE-----
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
