I’ve just installed 1.0.4 and I’m not sure if the following is
the intended behaviour: everytime I click on logout, be it on
admin-webrt.cgi or webrt.cgi, then click on login again, I’m able
to get in without typing any password.
The very first time I’ve logged in, I had the button “Send
authentication info to all scripts on this server.” checked.
I’d like to know if it’s a bug (in the cookie management
perhaps?) or just a misconfiguration issue.
That really doesn’t sound right. Can you turn on “notify me of cookies” and
start from a freshly loaded browser and tell us what it sets for cookies?On Tue, Aug 22, 2000 at 04:03:10AM +0800, Michael J. Maravillo wrote:
Hello everyone,
I’ve just installed 1.0.4 and I’m not sure if the following is
the intended behaviour: everytime I click on logout, be it on
admin-webrt.cgi or webrt.cgi, then click on login again, I’m able
to get in without typing any password.
The very first time I’ve logged in, I had the button “Send
authentication info to all scripts on this server.” checked.
I’d like to know if it’s a bug (in the cookie management
perhaps?) or just a misconfiguration issue.
jesse reed vincent — root@eruditorum.org — jesse@fsck.com
pgp keyprint: 50 41 9C 03 D0 BC BC C8 2C B9 77 26 6F E1 EB 91
. . . when not in doubt, get in doubt. – Old Discordian Proveb
This was tested on both Netscape 4.75 and lynx 2.8.3. All cookie
transfers are the same with either the “Send authentication info
to all scripts on this server.” option enable or not.
The problem still is, when I login with the option enabled… do
some queue transactions… then logout, I can login over and over
again even if I issue an invalid username/password pair. I had
to exit all occurences of the browser to work around the problem.
I’m just wondering if I’m the only one experiencing this?
That really doesn’t sound right. Can you turn on “notify me of cookies” and
start from a freshly loaded browser and tell us what it sets for cookies?
On Tue, Aug 22, 2000 at 04:03:10AM +0800, Michael J. Maravillo wrote:
I’ve just installed 1.0.4 and I’m not sure if the following is
the intended behaviour: everytime I click on logout, be it on
admin-webrt.cgi or webrt.cgi, then click on login again, I’m able
to get in without typing any password.
The very first time I’ve logged in, I had the button “Send
authentication info to all scripts on this server.” checked.
I’d like to know if it’s a bug (in the cookie management
perhaps?) or just a misconfiguration issue.
.–. Michael J. Maravillo office://+63.2.894.3592/
( () ) Q Linux Solutions, Inc. http://www.q-linux.com/
`–\ Open Source Consultancy / Support / Training / Software Dev’t.
Huh. I’ve not run into something like that in recent memory. Is anyone
else seeing it?
-JOn Tue, Aug 22, 2000 at 03:02:35PM +0800, Michael J. Maravillo wrote:
Hello Jesse,
This was tested on both Netscape 4.75 and lynx 2.8.3. All cookie
transfers are the same with either the “Send authentication info
to all scripts on this server.” option enable or not.
The problem still is, when I login with the option enabled… do
some queue transactions… then logout, I can login over and over
again even if I issue an invalid username/password pair. I had
to exit all occurences of the browser to work around the problem.
I’m just wondering if I’m the only one experiencing this?
On Mon, Aug 21, 2000 at 04:16:21PM -0400, Jesse wrote:
That really doesn’t sound right. Can you turn on “notify me of cookies” and
start from a freshly loaded browser and tell us what it sets for cookies?
On Tue, Aug 22, 2000 at 04:03:10AM +0800, Michael J. Maravillo wrote:
I’ve just installed 1.0.4 and I’m not sure if the following is
the intended behaviour: everytime I click on logout, be it on
admin-webrt.cgi or webrt.cgi, then click on login again, I’m able
to get in without typing any password.
The very first time I’ve logged in, I had the button “Send
authentication info to all scripts on this server.” checked.
I’d like to know if it’s a bug (in the cookie management
perhaps?) or just a misconfiguration issue.
–
.–. Michael J. Maravillo office://+63.2.894.3592/
( () ) Q Linux Solutions, Inc. http://www.q-linux.com/
`–\ Open Source Consultancy / Support / Training / Software Dev’t.
jesse reed vincent — root@eruditorum.org — jesse@fsck.com
pgp keyprint: 50 41 9C 03 D0 BC BC C8 2C B9 77 26 6F E1 EB 91
And I’m told we do share some common rituals. Our “flame war” is apparently
held in person in their land and called “project meeting”.
-Alan Cox [on “Suits”]
Hmm… I know there’s the IE problem with logging IN… but never heard that.
Have tested it on netscape-navigator 4.72 for freebsd, and netscape-navigator
4.72 for linux, (running under freebsd) and could not reproduce.
-Feargal.
Feargal Reilly,
Systems Administrator,
The CIA.
+353-86-8157621