[ZCM] [ZC] 267/ 2 Comment "VHM and CookieCrumbler"

Collector: Zope Bugs and Patches ... zope-coders@zope.org
Sat, 16 Mar 2002 11:13:35 -0500 

Issue #267 Update (Comment) "VHM and CookieCrumbler"
 Status Pending, Zope/bug critical
To followup, visit:
  http://collector.zope.org/Zope/267

==============================================================
= Comment - Entry #2 by magnus on Mar 16, 2002 11:10 am

----- Forwarded message from Apache Week <mjc@redhat.com> -----

     Proxy users thinking of upgrading to Apache 1.3.23 should be aware
     that there is a bug ([5]PR#9655) in the handling of responses which
     set more than one cookie, and may wish to wait for the 1.3.24
     release before upgrading.


----- End forwarded message -----

________________________________________
= Request - Entry #1 by magnus on Mar 6, 2002 2:00 am


I can verify this. Same thing happens here too.

I had to redirect login_form to :8080 before, since I could not login to CMF
otherwise, using VHM.

I changed auth_cookie from __ac to __ac_, and now I can login through VHM...

Bug... I'll put it in the Collector.

(I'm using a week old cvs snapshot of Zope-2_5-branch and CMF1.2)

/Magnus

> I started debugging Zope. I found that the various methods in
> CookieCrumbler are called and should normally set a cookie for
> auth_cookie.
>
> However, under VHM operation, this does not happen when auth_cookie ==
> '__ac'
>
> I changed the name of the authentication cookie to __ac_erp5 in the CMF
> (www.erp5.org is the site I am working on).
>
> Everything works fine now.
>
> I have absolutely no idea what it can mean.
>
> As a reminder, I had no problems for 6 months and suddenly, after a small
> upgrade, all this strange behaviour started.


_______________________________________________
Zope-Dev maillist  -  Zope-Dev@zope.org
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )

I could find out that certain cookie names work, some others do not

Works

__ac_
__ac_ra
__ac_rak1
__ac_nex1
__ac_erp5

Does not work

__ac
__ac_rack1
__ac_rack12

Really strange.

JPS.

-- 
Jean-Paul Smets-Solanes <jp@nexedi.com> - Nexedi (CEO)
GPG Fingerprint: 40FF FA78 75AA 680D 8BB4  EEF9 539A 79CC CB8E 5F01 

_______________________________________________
Zope-Dev maillist  -  Zope-Dev@zope.org
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )
==============================================================