In my Zope3-based site, I use the SessionCredentialsPlugin to extract my
authentication information. This plugin also sets a cookie.
Together with the cookie name, content and host, a path is stored. This path
contains the skin, which I enter in my URL, e.g. for:
cookie path: /++skin++MySkin
Interestingly, "mysite" is not in the path.
The problem is that if I now access my site without the skin, a second cookie
with the path "/" is created. If I previously authenticated, the
authentication is lost.
However, If I access the site without the skin beforehand, and after that with
the skin, there are also 2 cookies created, but the cookie content is equal,
only the path differs.
And if I use Zope3 behind apache (virtual host), the site and the skin is
included, e.g. "/mysite/++skin++MySkin".
So, it seems, there's something buggy or I misconfigured something. I searched
around in the SessionCredentialsPlugin source but could not find the code
which creates the cookie.
How can I solve this issue?
GPG key ID: 299893C7 (on keyservers)
FP: 0124 2584 8809 EF2A DBF9 4902 64B4 D16B 2998 93C7
Zope3-users mailing list