Auto-logout problem with IE

OS: 2000, XP
Browser: IE 5.5,6
Server: Redhat 8, Apache 1.3.27, mod_perl 1.27, rt 2.0.15, MySQL 3.23.53a,
HTML:Mason 1.1.15, Perl 5.8.0

Problem: Using IE, a user can login successfully, but if they click on any
link, it automatically logs them out and takes them to the login page. If
you login again, it will take you to the page you requested previously.
This works fine with the Phoenix browser (Mozilla branch), not sure of any
others. I have played with the caching, cookie, etc. parameters under
internet options, but it hasn’t made a difference. It also seems to be
related to how many users access the browser. For some people who are the
only ones to use the terminal, it works ok (on my laptop, which was just
installed with XP last week, and I am the only user, it does not work) and
on systems that are shared, it never works.

Does anyone have any suggestions? Also, where is session data stored, in
the cookie? I don’t see any tables that could be holding it. Or is it a
variable that is passed between pages? Or is it in the URL? At a quick
glance, I don’t see it in the URL.

Thanks in advance.
Tom Lichti

Well, after exploring every possible avenue, we finally stumbled onto the
solution. We verified everything from DNS config on our DNS servers to the
RT server, compared RT and Apache configs between the working dev box and
the non-working prod box, you name it, we tried it. The solution? The prod
server had an underscore in the name. Remove the underscore, voila,
everything works fine. I don’t know if this is a DNS restriction or a
problem with RT, but regardless, it’s finally fixed.

Thanks to anyone who emailed me suggestions, most pointed to DNS, and in
the end, they were right.

Tom–On Tuesday, December 17, 2002 5:32 PM -0500 Tom Lichti tom@redpepperracing.com wrote:

OS: 2000, XP
Browser: IE 5.5,6
Server: Redhat 8, Apache 1.3.27, mod_perl 1.27, rt 2.0.15, MySQL
3.23.53a, HTML:Mason 1.1.15, Perl 5.8.0

Problem: Using IE, a user can login successfully, but if they click on
any link, it automatically logs them out and takes them to the login
page. If you login again, it will take you to the page you requested
previously. This works fine with the Phoenix browser (Mozilla branch),
not sure of any others. I have played with the caching, cookie, etc.
parameters under internet options, but it hasn’t made a difference. It
also seems to be related to how many users access the browser. For some
people who are the only ones to use the terminal, it works ok (on my
laptop, which was just installed with XP last week, and I am the only
user, it does not work) and on systems that are shared, it never works.

Does anyone have any suggestions? Also, where is session data stored, in
the cookie? I don’t see any tables that could be holding it. Or is it a
variable that is passed between pages? Or is it in the URL? At a quick
glance, I don’t see it in the URL.

Thanks in advance.
Tom Lichti


rt-users mailing list
rt-users@lists.fsck.com
http://lists.fsck.com/mailman/listinfo/rt-users

Have you read the FAQ? The RT FAQ Manager lives at http://fsck.com/rtfm

-----Message d’origine-----De : Tom Lichti [mailto:tom@redpepperracing.com]
Envoye : vendredi 31 janvier 2003 22:42
A : rt-users@lists.fsck.com
Objet : Re: [rt-users] Auto-logout problem with IE

I don’t know if this is a DNS restriction or a problem with RT, but
regardless, it’s finally fixed.

It isdefinitely is a restriction in the DNS. The RFCs are very clear about
it, but Microsoft ignores it and let users put underscores in machines
names, so now many people think it is authorized. The naming conventions in
my company used to rely on underscores and we ran into A LOT of strange
problems like this one. You really want to suppress those. Many software
running on other OSes will refuse them, namely, Bind, the standard DNS for
Unix boxes needs to be compiled with a specific setting to accept
underscores. Most internet DNSes will not carry them.

Recently, IE started to be more restrictive on underscores in a domain. We
had a perfectly working commercial application which suddenly would not run
on some PCs while it was working on some others aparently perfectly similar.
The only difference was a “security patch” some users had downloaded through
the automatic windows update system.

Blaise

I haven’t read the RFC, but I believe you. Oddly enough, the DNS server
(bind 9 I believe) did not bark about the name until we tried to make a
CNAME entry to the original server name. Then it said it was invalid. We
removed the one with the underscore and just went with the name without the
underscore.

Well, live and learn.

Thanks
Tom–On Friday, January 31, 2003 11:21 PM +0100 “THAUVIN Blaise (Dir. Informatique)” bthauvin@clearchannel.fr wrote:

-----Message d’origine-----
De : Tom Lichti [mailto:tom@redpepperracing.com]
Envoye : vendredi 31 janvier 2003 22:42
A : rt-users@lists.fsck.com
Objet : Re: [rt-users] Auto-logout problem with IE

I don’t know if this is a DNS restriction or a problem with RT, but
regardless, it’s finally fixed.

It isdefinitely is a restriction in the DNS. The RFCs are very clear about
it, but Microsoft ignores it and let users put underscores in machines
names, so now many people think it is authorized. The naming conventions
in my company used to rely on underscores and we ran into A LOT of strange
problems like this one. You really want to suppress those. Many software
running on other OSes will refuse them, namely, Bind, the standard DNS for
Unix boxes needs to be compiled with a specific setting to accept
underscores. Most internet DNSes will not carry them.

Recently, IE started to be more restrictive on underscores in a domain. We
had a perfectly working commercial application which suddenly would not
run on some PCs while it was working on some others aparently perfectly
similar. The only difference was a “security patch” some users had
downloaded through the automatic windows update system.

Blaise