Typo login problem

Phillip_Morelock · October 5, 2007, 6:29am

Hi,

I apologize in advance if this got double-posted – I got a strange
reply from the list serv when I sent it originally.

We’re running Typo 4.1, and until recently it was working. But now,
we are no longer able to log in.

Based on telnet sessions to the web host, it appears that user.rb
properly authenticates the user, and redirects them to “/admin/
content” – but then /admin/content redirects them back to the login
page again – which I think is because the session functionality is
broken.

Typo seems to generate a new session_id cookie with each request, and
I think this is the problem. When I look in the database, I notice 3
new session rows when I:

go to the login page
log in
get redirected back to the login page

Thanks in advance if anyone can help…
Phillip

Below is my log info:

Processing AccountsController#login (for 67.99.1.190 at 2007-10-01
10:35:30) [POST]
Session ID: 88c3531ef16812c937eac2c6afdfc039
Parameters: {“user_login”=>“grevan”, “action”=>“login”,
“controller”=>“accounts”, “user_password”=>“********”,
“login”=>“Login »”}
Cookie set: is_admin=yes; path=/
Redirected to http://blog.jibjab.com/admin/content
Storing #User:0xb692a1ac in the cache
Completed in 0.00349 (286 reqs/sec) | DB: 0.00127 (36%) | 302 Found
[http://blog.jibjab.com/accounts/login]

Processing ContentController#index (for 67.99.1.190 at 2007-10-01
10:35:30) [GET]
Session ID: 1a0ebb36d41e511fca9df916d71b8731
Parameters: {“action”=>“index”, “controller”=>“admin/content”}
Redirected to http://blog.jibjab.com/accounts/login
Filter chain halted as
[#<ActionController::Filters::ClassMethods::SymbolFilter:0xb687f99c
@filter=:login_required>] returned false.
Completed in 0.00147 (682 reqs/sec) | DB: 0.00031 (21%) | 302 Found
[http://blog.jibjab.com/admin/content]

Processing AccountsController#login (for 67.99.1.190 at 2007-10-01
10:35:31) [GET]
Session ID: 0356655e43fcdea7a7c5fca9fc3cb696
Parameters: {“action”=>“login”, “controller”=>“accounts”}
Rendering within layouts/accounts
Rendering accounts/login
Completed in 0.00333 (300 reqs/sec) | Rendering: 0.00191 (57%) | DB:
0.00059 (17%) | 200 OK [http://blog.jibjab.com/accounts/login]

Phillip_Morelock · October 5, 2007, 12:33pm

On Thu, Oct 04, 2007 at 09:28:39PM -0700, Phillip Morelock wrote:

Based on telnet sessions to the web host, it appears that user.rb

telnet? shudder

Typo seems to generate a new session_id cookie with each request

Hm. I seem to recall a similar problem with a completely different Rails
app. [looks in logs] Yes, exactly, new session id with every request.
Never
solved that, really, so here are some questions:

Which browser are you using?
Are you sure your browser allows cookies?
Have you tried with a completely different browser?

Phillip_Morelock · October 5, 2007, 6:11pm

Thanks for your reply!

On Oct 5, 2007, at 3:19 AM, Matijs van Zuijlen wrote:

On Thu, Oct 04, 2007 at 09:28:39PM -0700, Phillip Morelock wrote:

Based on telnet sessions to the web host, it appears that user.rb

telnet? shudder

Telnet to port 80, not telnet for shell access…

Have you tried with a completely different browser?
Yeah, this is pretty much across the board. It does seem to be a
rails problem, but it’s only appearing in our typo instance (and we
have several other rails apps).

Oh well, I guess I’ll have to dig into rails a bit more.

Thanks again for your reply.