Re: [Zope] Cookie authentication: CUF and XUF (fwd)
darrylc writes: Can you please stay on the mailing list? (Added again)
I have been running tests with IE 5 and IE 6 and am running into the same problem. If I set the CUF to expire the cookies after the browser session, I can view the first page on my site, but if I go to another link within the same site/level I get thrown back to the authorization page and zope thinks I am an anonymous user. This is with the expiration set to end after the session.
Testing with Netscape, Galeon, or Opera works fine.
Anyone else see this? A colleague may have seen something similar:
He works on a Zope-CMF based portal. When he logs in from deep inside the portal, he looses the authentication cookie when he later visits pages higher up in the portal. This is normal behaviour when the "setCookie" call does not contain a "path" parameter. However, when I tried to reproduce the behaviour, I have been unable to do so. The difference: while I work with Netscape/Konqueror my colleague uses IE (5.5). I did not investigate further because our client wants the authentication immediate at the portal entrance, a case handled correctly by IE, too. I cannot help you further. I am essentially a Unix-only guy. Investigating problems restricted to IE is quite difficult for me. Therefore, please stay on the list... Dieter
Thank you, Dieter. Sorry for writing to your directly on this, but I am in a bit of a time crunch and I am trying to sell zope to my managers. But if it this is not going to work with IE it is a show-stopper. I have writttn Jens V. (author of CUF) also, but he could offer no help as he is a Mac/UNIX guy too. So am I, but somehow I get stuck aiding the unwashed Windows massess. I a am Galeon fan myself, but unfortunately most of the people hitting my site are going to be using the evil, but pervasive, IE. Thanks for your comment. -D On Tue, 19 Feb 2002, Dieter Maurer wrote:
darrylc writes: Can you please stay on the mailing list? (Added again)
I have been running tests with IE 5 and IE 6 and am running into the same problem. If I set the CUF to expire the cookies after the browser session, I can view the first page on my site, but if I go to another link within the same site/level I get thrown back to the authorization page and zope thinks I am an anonymous user. This is with the expiration set to end after the session.
Testing with Netscape, Galeon, or Opera works fine.
Anyone else see this? A colleague may have seen something similar:
He works on a Zope-CMF based portal. When he logs in from deep inside the portal, he looses the authentication cookie when he later visits pages higher up in the portal.
This is normal behaviour when the "setCookie" call does not contain a "path" parameter. However, when I tried to reproduce the behaviour, I have been unable to do so. The difference: while I work with Netscape/Konqueror my colleague uses IE (5.5).
darrylc wrote:
Thank you, Dieter.
Sorry for writing to your directly on this, but I am in a bit of a time crunch and I am trying to sell zope to my managers. But if it this is not going to work with IE it is a show-stopper. I have writttn Jens V. (author of CUF) also, but he could offer no help as he is a Mac/UNIX guy too. So am I, but somehow I get stuck aiding the unwashed Windows massess.
I a am Galeon fan myself, but unfortunately most of the people hitting my site are going to be using the evil, but pervasive, IE.
Thanks for your comment.
Couldn't you try to debug the problem? I see two possibilities. * Configure IE to always ask for cookies, it will then give you the possibility to look at the details of that cookie (path, expires, etc). * use something like tcpwatch (search zope.org) to monitor the http traffic between the browser and zope. cheers, oliver
participants (3)
-
darrylc -
Dieter Maurer -
Oliver Bleutgen