On Tue, 29 Aug 2000, Pavlos Christoforou wrote:
> On Mon, 28 Aug 2000, Curtis Maloney wrote:
> > </dtml-if>
> > This was aparently working fine for quite some time (about a month of
> > public usage), until last week. We have examined logs, and seen that one
> > person accidentaly used the system under someone elses ReturnerID, and
> > then rectified their mistake.
> If he did rectify the mistake then that should not have resulted in a
> problem. In any case the problem should have been isolated to that user
> only. Could it be that the cookie is cached somewhere? I am not familiar
> with the underlying pricinciples of the apache Proxy directives.
The user 'rectified' the problem by submitting the request again under their
own ID. I don't know when/how they noticed, and am not able to contact them
for further comment.
As for the cookie being cached, I don't know. It is possible, as I said,
that Apache is causing problems. ProxyForward means that when a URL matches
a rule, it will be 'forwarded' to another server, and the returned page
issued as if from Apache.
>From the benchmarks I've seen, this is the fastest way to run Zope. However,
I can see how it could confuse Zope into thinking two different users
requests are from the same machine, since all the requests are coming from
Apache. However, I am hoping (going to check on this, of course :) that the
smart folks at Apache have made it 'proxy' properly, to avoid this sort of
Zope maillist - [EMAIL PROTECTED]
** No cross posts or HTML encoding! **
(Related lists -