RT requiring login for every click

Hiya folks,

I saw this mentioned on the list a couple months back, but under Gentoo,
and while the issue was related to the MySQL language configuration,
there was a note from ruz@bp stating that this was an issue related the
default charset setting for MySQL (under Gentoo, though) which had been
addressed for the next release (under 3.6, so it’d be incorporated into
3.8 I’m guessing).

When a user (admin user in this case) logs in, they get the home page,
but any subsequent clicks bring the login page up again. The system and
Apache logs don’t reveal any errors, just a successful login message
when the logins are made.

I’ve checked the database and the cookie, and the RT_SID is identical
and being updated with each request. We did have default-character-set
as utf8 as recommended for Dovecot on the same machine, but I’ve
commented that out and restarted all associated services, and we still
have the multiple login requests.

I’m attaching my my.cnf file below in case that’s the culprit; I do
appreciate any suggestions that might help here.

Environment:
RT: 3.8.0
OS: Oracle Linux 5.2 (RHEL5 equivalent)
DB: MySQL 5.0.45
Web Server: Apache/2.2.3

Just for completeness, “make testdeps” states that all dependencies have
been found.

MySQL config (/etc/my.cnf):
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
user=mysql
old_passwords=0

RT suggested settings

set-variable = innodb_mirrored_log_groups=1
set-variable = innodb_log_files_in_group=3
set-variable = innodb_log_file_size=5M
set-variable = innodb_log_buffer_size=8M
innodb_flush_log_at_trx_commit=1
innodb_log_archive=0
set-variable = innodb_buffer_pool_size=16M
set-variable = innodb_additional_mem_pool_size=2M
set-variable = innodb_file_io_threads=4
set-variable = innodb_lock_wait_timeout=50
set-variable = sort_buffer=2M

Dovecot suggested settings

default-character-set = utf8

default-collation = utf8_general_ci

[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid

Thanks in advance,
-mh.

Mark,

We ran into the same problem, only we are on Oracle. Our problem turned 

out to be the result of using FireFox and Oracle. Our solution was to
change the code RT uses to set a session cookie as follows:

The following code should be added to the existing code in the �if�

condition code in the file “SetupSessionCookie”

on line # 75 (right after my $session_properties;),

in the directory /$RTHOME/local/html/Elements:

 74  my $session_properties;
 75  if ( $session_class eq 'Apache::Session::File' ) {
 76      $session_properties = {
 77          Directory     => $RT::MasonSessionDir,
 78          LockDirectory => $RT::MasonSessionDir,
 79          Transaction => 1
 80      };
 81  } else {
 82      $session_properties = {
 83          Handle     => $RT::Handle->dbh,
 84          LockHandle => $RT::Handle->dbh,
 85          Transaction => 1
 86      };
 87  }

Lines 78 and 85 were added to the original code. After that, we have 

had no problems at all. I hope this helps.

Kenn
LBNLOn 8/4/2008 6:24 PM, Mark Hazen wrote:

Hiya folks,

I saw this mentioned on the list a couple months back, but under Gentoo,
and while the issue was related to the MySQL language configuration,
there was a note from ruz@bp stating that this was an issue related the
default charset setting for MySQL (under Gentoo, though) which had been
addressed for the next release (under 3.6, so it’d be incorporated into
3.8 I’m guessing).

When a user (admin user in this case) logs in, they get the home page,
but any subsequent clicks bring the login page up again. The system and
Apache logs don’t reveal any errors, just a successful login message
when the logins are made.

I’ve checked the database and the cookie, and the RT_SID is identical
and being updated with each request. We did have default-character-set
as utf8 as recommended for Dovecot on the same machine, but I’ve
commented that out and restarted all associated services, and we still
have the multiple login requests.

I’m attaching my my.cnf file below in case that’s the culprit; I do
appreciate any suggestions that might help here.

Environment:
RT: 3.8.0
OS: Oracle Linux 5.2 (RHEL5 equivalent)
DB: MySQL 5.0.45
Web Server: Apache/2.2.3

Just for completeness, “make testdeps” states that all dependencies have
been found.

MySQL config (/etc/my.cnf):
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
user=mysql
old_passwords=0

RT suggested settings

set-variable = innodb_mirrored_log_groups=1
set-variable = innodb_log_files_in_group=3
set-variable = innodb_log_file_size=5M
set-variable = innodb_log_buffer_size=8M
innodb_flush_log_at_trx_commit=1
innodb_log_archive=0
set-variable = innodb_buffer_pool_size=16M
set-variable = innodb_additional_mem_pool_size=2M
set-variable = innodb_file_io_threads=4
set-variable = innodb_lock_wait_timeout=50
set-variable = sort_buffer=2M

Dovecot suggested settings

default-character-set = utf8

default-collation = utf8_general_ci

[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid

Thanks in advance,
-mh.


http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

Community help: http://wiki.bestpractical.com
Commercial support: sales@bestpractical.com

Discover RT’s hidden secrets with RT Essentials from O’Reilly Media.
Buy a copy at http://rtbook.bestpractical.com

Thanks Kenneth… I’d read your post some time back about this solution,
but with 3.8 the session management code has changed quite considerably
(looks to be a complete rewrite), and the code changes you’d attached no
longer fit.

I have been adding a bit of debug code, and I believe I’ve isolated the
problem. In SetupSessionCookie, %cookies is being populated by a call to
CGI::Cookie->fetch. Unfortunately, it appears the value is always undef
for us, no matter the browser.

I’m working up a more complete test, but at this point I’m under the
impression that it’s the fault of CGI::Cookie. I’ll post back once I’ve
finished external testing on CGI::Cookie.

Regards,
-mh.-----Original Message-----
From: Kenneth Crocker [mailto:KFCrocker@lbl.gov]
Subject: Re: [rt-users] RT requiring login for every click

Mark,
We ran into the same problem, only we are on Oracle. Our problem
turned
out to be the result of using FireFox and Oracle. Our solution was to
change the code RT uses to set a session cookie as follows:

Mark,

THat's good to know. I will appreciate the update. Thanks.

Kenn
LBNLOn 8/6/2008 11:39 AM, Mark Hazen wrote:

Thanks Kenneth… I’d read your post some time back about this solution,
but with 3.8 the session management code has changed quite considerably
(looks to be a complete rewrite), and the code changes you’d attached no
longer fit.

I have been adding a bit of debug code, and I believe I’ve isolated the
problem. In SetupSessionCookie, %cookies is being populated by a call to
CGI::Cookie->fetch. Unfortunately, it appears the value is always undef
for us, no matter the browser.

I’m working up a more complete test, but at this point I’m under the
impression that it’s the fault of CGI::Cookie. I’ll post back once I’ve
finished external testing on CGI::Cookie.

Regards,
-mh.

-----Original Message-----
From: Kenneth Crocker [mailto:KFCrocker@lbl.gov]
Subject: Re: [rt-users] RT requiring login for every click

Mark,
We ran into the same problem, only we are on Oracle. Our problem
turned
out to be the result of using FireFox and Oracle. Our solution was to
change the code RT uses to set a session cookie as follows:

At 8/6/2008 02:39 PM, Mark Hazen wrote:

Thanks Kenneth… I’d read your post some time back about this solution,
but with 3.8 the session management code has changed quite considerably
(looks to be a complete rewrite), and the code changes you’d attached no
longer fit.

I have been adding a bit of debug code, and I believe I’ve isolated the
problem. In SetupSessionCookie, %cookies is being populated by a call to
CGI::Cookie->fetch. Unfortunately, it appears the value is always undef
for us, no matter the browser.

I’m working up a more complete test, but at this point I’m under the
impression that it’s the fault of CGI::Cookie. I’ll post back once I’ve
finished external testing on CGI::Cookie.

Regards,
-mh.

See this thread from the archives, particularly Alex Ciornii’s
contributions - it may help you in your investigation.

http://www.gossamer-threads.com/lists/rt/users/70752#70752

Steve

Thanks Stephen-

Alas, SetupSessionCookie has changed dramatically in 3.8, and there
seems to no longer a $session_properties hash in the application at all
under 3.8, perhaps its naming has changed?

I’ve tested CGI::Cookie in a standalone CGI app, and in that situation
it worked properly.

I’d added the simple lines below to SetupSessionCookie after copying it
over to local/html/Elements directory, and the output verified that
%cookies was undefined.

my %cookies      = CGI::Cookie->fetch;

+open (FOO,">/tmp/foo");
+if (%cookies) {
+  foreach (keys %cookies) { print FOO "$_\n"; }
+} else {  print FOO "cookies undefined\n"; }
+close FOO;

I’ve tested with both Firefox 3.0.1 and IE 7.0.5730.13, and the
undefined cookies behavior exists with both (that being, the cookies
exist and are being sent from the browsers, but RT isn’t properly
retrieving them). I’m interested in suggestions on where to inject more
testing code, but I’m fairly certain this is due to either an RT bug or
something in the environment here which is causing problems (the latter
of which I am doubtful of, since this is a brand new and very typical RT
install).

Regards,
-mh.-----Original Message-----
From: Stephen Turner [mailto:sturner@MIT.EDU]
Subject: Re: [rt-users] RT requiring login for every click

See this thread from the archives, particularly Alex Ciornii’s
contributions - it may help you in your investigation.

http://www.gossamer-threads.com/lists/rt/users/70752#70752

At 8/6/2008 04:05 PM, you wrote:

Thanks Stephen-

Alas, SetupSessionCookie has changed dramatically in 3.8, and there
seems to no longer a $session_properties hash in the application at all
under 3.8, perhaps its naming has changed?

Looks as though the code for setting session properties is now in
RT::Interface::Web::Session (Attributes method).

Steve

I saw your followups on this issue, but I want to comment this.

Yes, these fixes I was talking about have been integrated into 3.8.0
and as well several fixes would be in 3.8.1 (3.8.1rc1 is available at
this moment for download from our server).

Affects: RT on mysql 4.1 and newer with utf8 as default DB charset
WHEN RT’s DB was created, changing mysql options would not help much

Symptoms: constant login requests on every action

Check: change session handler to Apache::Session::File, if problem
goes away then it’s this issue.

Otherwise issue is different and needs more investigation. In this
case (according to Mark’s further comments) situation is different.

Hope this would help isolate different problems in future.On Tue, Aug 5, 2008 at 5:24 AM, Mark Hazen markh@intechgra.com wrote:

Hiya folks,

I saw this mentioned on the list a couple months back, but under Gentoo,
and while the issue was related to the MySQL language configuration,
there was a note from ruz@bp stating that this was an issue related the
default charset setting for MySQL (under Gentoo, though) which had been
addressed for the next release (under 3.6, so it’d be incorporated into
3.8 I’m guessing).

When a user (admin user in this case) logs in, they get the home page,
but any subsequent clicks bring the login page up again. The system and
Apache logs don’t reveal any errors, just a successful login message
when the logins are made.

I’ve checked the database and the cookie, and the RT_SID is identical
and being updated with each request. We did have default-character-set
as utf8 as recommended for Dovecot on the same machine, but I’ve
commented that out and restarted all associated services, and we still
have the multiple login requests.

I’m attaching my my.cnf file below in case that’s the culprit; I do
appreciate any suggestions that might help here.

Environment:
RT: 3.8.0
OS: Oracle Linux 5.2 (RHEL5 equivalent)
DB: MySQL 5.0.45
Web Server: Apache/2.2.3

[snip]

Best regards, Ruslan.

Good debugging. Could you please share information about modules your
server is using. And as well is it mod_perl or FastCGI?On Wed, Aug 6, 2008 at 10:39 PM, Mark Hazen markh@intechgra.com wrote:

Thanks Kenneth… I’d read your post some time back about this solution,
but with 3.8 the session management code has changed quite considerably
(looks to be a complete rewrite), and the code changes you’d attached no
longer fit.

I have been adding a bit of debug code, and I believe I’ve isolated the
problem. In SetupSessionCookie, %cookies is being populated by a call to
CGI::Cookie->fetch. Unfortunately, it appears the value is always undef
for us, no matter the browser.

I’m working up a more complete test, but at this point I’m under the
impression that it’s the fault of CGI::Cookie. I’ll post back once I’ve
finished external testing on CGI::Cookie.

Regards,
-mh.

-----Original Message-----
From: Kenneth Crocker [mailto:KFCrocker@lbl.gov]
Subject: Re: [rt-users] RT requiring login for every click

Mark,
We ran into the same problem, only we are on Oracle. Our problem
turned
out to be the result of using FireFox and Oracle. Our solution was to
change the code RT uses to set a session cookie as follows:


http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

Community help: http://wiki.bestpractical.com
Commercial support: sales@bestpractical.com

Discover RT’s hidden secrets with RT Essentials from O’Reilly Media.
Buy a copy at http://rtbook.bestpractical.com

Best regards, Ruslan.

Thanks Ruslan; I should have mentioned it earlier, but I had indeed tried the Apache::Session::File option, with no success. I’m happy to report however that the problem has been solved. Documenting my own goof here in case it helps someone else.

The problem was that $WebPath was set to a URL, not a path… and a bad URL at that. I think this can be attributed to the normal operation of Admin::Careless and Admin::Tired, perhaps exacerbated by Admin::Coffee->status being null (which has been rectified).

For reference, this is a stock httpd under Oracle Unbreakable (in other words, RHEL5) which comes with scads upon scads of modules installed by default; mod_perl is in use at version 2.02. Hopefully my goof will save someone else with the same symptoms.

I appreciate all of the feedback, and my apologies for it coming down to something as basic as misconfiguration.

Many thanks and regards,
-mh.

Has anyone implemented locking accounts after so many login attempts?
I’m sure I can add it myself but if there’s a solution out there
already…

I’m using 3.6.3

Cheers,

Justin

I have the same problem but not for every click

RT 3.8.1
Mysql 4.1.22
OS: Linux 2.4.21-37.ELsmp

any suggestions

thanks

Marco----- Original Message -----
From: “Ruslan Zakirov” ruz@bestpractical.com
To: “Mark Hazen” markh@intechgra.com
Cc: rt-users@lists.bestpractical.com
Sent: Wednesday, August 06, 2008 10:34 PM
Subject: Re: [rt-users] RT requiring login for every click

I saw your followups on this issue, but I want to comment this.

Yes, these fixes I was talking about have been integrated into 3.8.0
and as well several fixes would be in 3.8.1 (3.8.1rc1 is available at
this moment for download from our server).

Affects: RT on mysql 4.1 and newer with utf8 as default DB charset
WHEN RT’s DB was created, changing mysql options would not help much

Symptoms: constant login requests on every action

Check: change session handler to Apache::Session::File, if problem
goes away then it’s this issue.

Otherwise issue is different and needs more investigation. In this
case (according to Mark’s further comments) situation is different.

Hope this would help isolate different problems in future.

On Tue, Aug 5, 2008 at 5:24 AM, Mark Hazen markh@intechgra.com wrote:

Hiya folks,

I saw this mentioned on the list a couple months back, but under Gentoo,
and while the issue was related to the MySQL language configuration,
there was a note from ruz@bp stating that this was an issue related the
default charset setting for MySQL (under Gentoo, though) which had been
addressed for the next release (under 3.6, so it’d be incorporated into
3.8 I’m guessing).

When a user (admin user in this case) logs in, they get the home page,
but any subsequent clicks bring the login page up again. The system and
Apache logs don’t reveal any errors, just a successful login message
when the logins are made.

I’ve checked the database and the cookie, and the RT_SID is identical
and being updated with each request. We did have default-character-set
as utf8 as recommended for Dovecot on the same machine, but I’ve
commented that out and restarted all associated services, and we still
have the multiple login requests.

I’m attaching my my.cnf file below in case that’s the culprit; I do
appreciate any suggestions that might help here.

Environment:
RT: 3.8.0
OS: Oracle Linux 5.2 (RHEL5 equivalent)
DB: MySQL 5.0.45
Web Server: Apache/2.2.3

[snip]


Best regards, Ruslan.


http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

Community help: http://wiki.bestpractical.com
Commercial support: sales@bestpractical.com

Discover RT’s hidden secrets with RT Essentials from O’Reilly Media.
Buy a copy at http://rtbook.bestpractical.com

Marco,

I had a similar problem after the 3.8.1 upgrade even though my database was
updated correctly, and I saw the same problem with the file session
handler. I was actually able to fix my issue by taking a trailing slash off
my $WebBaseURL. It seemed like URLs with multiple // in them were
resulting in the extra login prompts. So, that might be something to look
at if you’ve exhausted all the other possibilities. Worked for me.

– MattOn Thu, Aug 28, 2008 at 6:02 AM, Marco Avvisano < marco.avvisano@regione.toscana.it> wrote:

I have the same problem but not for every click

RT 3.8.1
Mysql 4.1.22
OS: Linux 2.4.21-37.ELsmp

any suggestions

thanks

Marco

----- Original Message -----
From: “Ruslan Zakirov” ruz@bestpractical.com
To: “Mark Hazen” markh@intechgra.com
Cc: rt-users@lists.bestpractical.com
Sent: Wednesday, August 06, 2008 10:34 PM
Subject: Re: [rt-users] RT requiring login for every click

I saw your followups on this issue, but I want to comment this.

Yes, these fixes I was talking about have been integrated into 3.8.0
and as well several fixes would be in 3.8.1 (3.8.1rc1 is available at
this moment for download from our server).

Affects: RT on mysql 4.1 and newer with utf8 as default DB charset
WHEN RT’s DB was created, changing mysql options would not help much

Symptoms: constant login requests on every action

Check: change session handler to Apache::Session::File, if problem
goes away then it’s this issue.

Otherwise issue is different and needs more investigation. In this
case (according to Mark’s further comments) situation is different.

Hope this would help isolate different problems in future.

On Tue, Aug 5, 2008 at 5:24 AM, Mark Hazen markh@intechgra.com wrote:

Hiya folks,

I saw this mentioned on the list a couple months back, but under Gentoo,
and while the issue was related to the MySQL language configuration,
there was a note from ruz@bp stating that this was an issue related the
default charset setting for MySQL (under Gentoo, though) which had been
addressed for the next release (under 3.6, so it’d be incorporated into
3.8 I’m guessing).

When a user (admin user in this case) logs in, they get the home page,
but any subsequent clicks bring the login page up again. The system and
Apache logs don’t reveal any errors, just a successful login message
when the logins are made.

I’ve checked the database and the cookie, and the RT_SID is identical
and being updated with each request. We did have default-character-set
as utf8 as recommended for Dovecot on the same machine, but I’ve
commented that out and restarted all associated services, and we still
have the multiple login requests.

I’m attaching my my.cnf file below in case that’s the culprit; I do
appreciate any suggestions that might help here.

Environment:
RT: 3.8.0
OS: Oracle Linux 5.2 (RHEL5 equivalent)
DB: MySQL 5.0.45
Web Server: Apache/2.2.3

[snip]


Best regards, Ruslan.


http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

Community help: http://wiki.bestpractical.com
Commercial support: sales@bestpractical.com

Discover RT’s hidden secrets with RT Essentials from O’Reilly Media.
Buy a copy at http://rtbook.bestpractical.com


http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

Community help: http://wiki.bestpractical.com
Commercial support: sales@bestpractical.com

Discover RT’s hidden secrets with RT Essentials from O’Reilly Media.
Buy a copy at http://rtbook.bestpractical.com

I’m also having this problem since upgrading from 3.8.0 to 3.8.1. The
Apache::Session::File work-around does fix this but it behaves
differently than it used to, and I’m concerned about security with
this setting turned on.

Anyone had any luck solving this? The suggestion below didn’t apply to me

-Steve

Marco,

I had a similar problem after the 3.8.1 upgrade even though my database was
updated correctly, and I saw the same problem with the file session
handler. I was actually able to fix my issue by taking a trailing slash off
my $WebBaseURL. It seemed like URLs with multiple // in them were
resulting in the extra login prompts. So, that might be something to look
at if you’ve exhausted all the other possibilities. Worked for me.

– Matt

> I have the same problem but not for every click
>
> RT 3.8.1
> Mysql 4.1.22
> OS: Linux 2.4.21-37.ELsmp
>
> any suggestions
>
> thanks
>
> Marco
>
> ----- Original Message -----
> From: “Ruslan Zakirov” <ruz at bestpractical.com
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users>
> To: “Mark Hazen” <markh at intechgra.com
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users>
> Cc: <rt-users at lists.bestpractical.com
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users>
> Sent: Wednesday, August 06, 2008 10:34 PM
> Subject: Re: [rt-users] RT requiring login for every click
>
>
> >I saw your followups on this issue, but I want to comment this.
> >
> > Yes, these fixes I was talking about have been integrated into 3.8.0
> > and as well several fixes would be in 3.8.1 (3.8.1rc1 is available at
> > this moment for download from our server).
> >
> > Affects: RT on mysql 4.1 and newer with utf8 as default DB charset
> > WHEN RT’s DB was created, changing mysql options would not help much
> >
> > Symptoms: constant login requests on every action
> >
> > Check: change session handler to Apache::Session::File, if problem
> > goes away then it’s this issue.
> >
> > Otherwise issue is different and needs more investigation. In this
> > case (according to Mark’s further comments) situation is different.
> >
> > Hope this would help isolate different problems in future.
> >
> > On Tue, Aug 5, 2008 at 5:24 AM, Mark Hazen <markh at
intechgra.com http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users>
wrote:
> >> Hiya folks,
> >>
> >> I saw this mentioned on the list a couple months back, but under Gentoo,
> >> and while the issue was related to the MySQL language configuration,
> >> there was a note from ruz at bp
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
stating that this was an issue related the
> >> default charset setting for MySQL (under Gentoo, though) which had been
> >> addressed for the next release (under 3.6, so it’d be incorporated into
> >> 3.8 I’m guessing).
> >>
> >> When a user (admin user in this case) logs in, they get the home page,
> >> but any subsequent clicks bring the login page up again. The system and
> >> Apache logs don’t reveal any errors, just a successful login message
> >> when the logins are made.
> >>
> >> I’ve checked the database and the cookie, and the RT_SID is identical
> >> and being updated with each request. We did have default-character-set
> >> as utf8 as recommended for Dovecot on the same machine, but I’ve
> >> commented that out and restarted all associated services, and we still
> >> have the multiple login requests.
> >>
> >> I’m attaching my my.cnf file below in case that’s the culprit; I do
> >> appreciate any suggestions that might help here.
> >>
> >>
> >> Environment:
> >> RT: 3.8.0
> >> OS: Oracle Linux 5.2 (RHEL5 equivalent)
> >> DB: MySQL 5.0.45
> >> Web Server: Apache/2.2.3
> >>
> >
> > [snip]
> >
> > –
> > Best regards, Ruslan.
> > _______________________________________________
> > http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
> >
> > Community help: http://wiki.bestpractical.com
> > Commercial support: sales at bestpractical.com
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
> >
> >
> > Discover RT’s hidden secrets with RT Essentials from O’Reilly Media.
> > Buy a copy at http://rtbook.bestpractical.com
> _______________________________________________
> http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
>
> Community help: http://wiki.bestpractical.com
> Commercial support: sales at bestpractical.com
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
>
>
> Discover RT’s hidden secrets with RT Essentials from O’Reilly Media.
> Buy a copy at http://rtbook.bestpractical.com
>

Did you try the 4.0-4.1 MySQL updates? That seems to fix a lot of
people with corrupt attachments or “back to login page” issue.From: rt-users-bounces@lists.bestpractical.com
[mailto:rt-users-bounces@lists.bestpractical.com] On Behalf Of Steve
Hopps
Sent: Thursday, August 28, 2008 2:46 PM
To: rt-users@lists.bestpractical.com
Subject: [rt-users] RT requiring login for every click

I’m also having this problem since upgrading from 3.8.0 to 3.8.1. The
Apache::Session::File work-around does fix this but it behaves
differently than it used to, and I’m concerned about security with this
setting turned on.

Anyone had any luck solving this? The suggestion below didn’t apply to
me

-Steve

Marco,

I had a similar problem after the 3.8.1 upgrade even though my database
was

updated correctly, and I saw the same problem with the file session

handler. I was actually able to fix my issue by taking a trailing
slash off

my $WebBaseURL. It seemed like URLs with multiple // in them were

resulting in the extra login prompts. So, that might be something to
look

at if you’ve exhausted all the other possibilities. Worked for me.

– Matt

I have the same problem but not for every click

RT 3.8.1

Mysql 4.1.22

OS: Linux 2.4.21-37.ELsmp

any suggestions

thanks

Marco

----- Original Message -----

From: “Ruslan Zakirov” <ruz at bestpractical.com
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users >

To: “Mark Hazen” <markh at intechgra.com
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users >

Cc: <rt-users at lists.bestpractical.com
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users >

Sent: Wednesday, August 06, 2008 10:34 PM

Subject: Re: [rt-users] RT requiring login for every click

I saw your followups on this issue, but I want to comment this.

Yes, these fixes I was talking about have been integrated into 3.8.0

and as well several fixes would be in 3.8.1 (3.8.1rc1 is available
at

this moment for download from our server).

Affects: RT on mysql 4.1 and newer with utf8 as default DB charset

WHEN RT’s DB was created, changing mysql options would not help much

Symptoms: constant login requests on every action

Check: change session handler to Apache::Session::File, if problem

goes away then it’s this issue.

Otherwise issue is different and needs more investigation. In this

case (according to Mark’s further comments) situation is different.

Hope this would help isolate different problems in future.

Hiya folks,

I saw this mentioned on the list a couple months back, but under
Gentoo,

and while the issue was related to the MySQL language
configuration,

there was a note from ruz at bp
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
stating that this was an issue related the

default charset setting for MySQL (under Gentoo, though) which had
been

addressed for the next release (under 3.6, so it’d be incorporated
into

3.8 I’m guessing).

When a user (admin user in this case) logs in, they get the home
page,

but any subsequent clicks bring the login page up again. The system
and

Apache logs don’t reveal any errors, just a successful login
message

when the logins are made.

I’ve checked the database and the cookie, and the RT_SID is
identical

and being updated with each request. We did have
default-character-set

as utf8 as recommended for Dovecot on the same machine, but I’ve

commented that out and restarted all associated services, and we
still

have the multiple login requests.

I’m attaching my my.cnf file below in case that’s the culprit; I do

appreciate any suggestions that might help here.

Environment:

     RT: 3.8.0
   OS: Oracle Linux 5.2 (RHEL5 equivalent)
   DB: MySQL 5.0.45

Web Server: Apache/2.2.3

[snip]

Best regards, Ruslan.


http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

Community help: http://wiki.bestpractical.com
http://wiki.bestpractical.com/

Commercial support: sales at bestpractical.com
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

Discover RT’s hidden secrets with RT Essentials from O’Reilly Media.

Buy a copy at http://rtbook.bestpractical.com
http://rtbook.bestpractical.com/


http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

Community help: http://wiki.bestpractical.com
http://wiki.bestpractical.com/

Commercial support: sales at bestpractical.com
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

Discover RT’s hidden secrets with RT Essentials from O’Reilly Media.

Buy a copy at http://rtbook.bestpractical.com
http://rtbook.bestpractical.com/

You missed a step.

Per Ruslan yesterday:
a_session column is longtext what is WRONG and means that you HAVN’T
upgraded correctly.

Read UPGRADING.mysql, this column must be LONGBLOB.

Steve Hopps wrote:

I’m also having this problem since upgrading from 3.8.0 to 3.8.1. http://3.8.1. The //Apache::Session::File// work-around does fix this but it behaves differently than it used to, and I’m concerned about security with this setting turned on.

Anyone had any luck solving this? The suggestion below didn’t apply to me

-Steve

Marco,

I had a similar problem after the 3.8.1 upgrade even though my database was
updated correctly, and I saw the same problem with the file session

handler. I was actually able to fix my issue by taking a trailing slash off
my $WebBaseURL. It seemed like URLs with multiple // in them were
resulting in the extra login prompts. So, that might be something to look

at if you’ve exhausted all the other possibilities. Worked for me.

– Matt

/
/>/ I have the same problem but not for every click
/>/
/>/ RT 3.8.1
/>/ Mysql 4.1.22
/>/ OS: Linux 2.4.21-37.ELsmp
/>/
/>/ any suggestions

/>/
/>/ thanks
/>/
/>/ Marco
/>/
/>/ ----- Original Message -----
/>/ From: “Ruslan Zakirov” <ruz at bestpractical.com http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users>

/>/ To: “Mark Hazen” <markh at intechgra.com http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users>
/>/ Cc: <rt-users at lists.bestpractical.com http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users>

/>/ Sent: Wednesday, August 06, 2008 10:34 PM
/>/ Subject: Re: [rt-users] RT requiring login for every click
/>/
/>/
/>/ >I saw your followups on this issue, but I want to comment this.

/>/ >
/>/ > Yes, these fixes I was talking about have been integrated into 3.8.0
/>/ > and as well several fixes would be in 3.8.1 (3.8.1rc1 is available at
/>/ > this moment for download from our server).

/>/ >
/>/ > Affects: RT on mysql 4.1 and newer with utf8 as default DB charset
/>/ > WHEN RT’s DB was created, changing mysql options would not help much
/>/ >
/>/ > Symptoms: constant login requests on every action

/>/ >
/>/ > Check: change session handler to Apache::Session::File, if problem
/>/ > goes away then it’s this issue.
/>/ >
/>/ > Otherwise issue is different and needs more investigation. In this

/>/ > case (according to Mark’s further comments) situation is different.
/>/ >
/>/ > Hope this would help isolate different problems in future.
/>/ >
/>/ > On Tue, Aug 5, 2008 at 5:24 AM, Mark Hazen <markh at intechgra.com http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users> wrote:

/>/ >> Hiya folks,
/>/ >>
/>/ >> I saw this mentioned on the list a couple months back, but under Gentoo,
/>/ >> and while the issue was related to the MySQL language configuration,

/>/ >> there was a note from ruz at bp http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users stating that this was an issue related the
/>/ >> default charset setting for MySQL (under Gentoo, though) which had been

/>/ >> addressed for the next release (under 3.6, so it’d be incorporated into
/>/ >> 3.8 I’m guessing).
/>/ >>
/>/ >> When a user (admin user in this case) logs in, they get the home page,

/>/ >> but any subsequent clicks bring the login page up again. The system and
/>/ >> Apache logs don’t reveal any errors, just a successful login message
/>/ >> when the logins are made.

/>/ >>
/>/ >> I’ve checked the database and the cookie, and the RT_SID is identical
/>/ >> and being updated with each request. We did have default-character-set
/>/ >> as utf8 as recommended for Dovecot on the same machine, but I’ve

/>/ >> commented that out and restarted all associated services, and we still
/>/ >> have the multiple login requests.
/>/ >>
/>/ >> I’m attaching my my.cnf file below in case that’s the culprit; I do

/>/ >> appreciate any suggestions that might help here.
/>/ >>
/>/ >>
/>/ >> Environment:
/>/ >> RT: 3.8.0
/>/ >> OS: Oracle Linux 5.2 (RHEL5 equivalent)

/>/ >> DB: MySQL 5.0.45
/>/ >> Web Server: Apache/2.2.3
/>/ >>
/>/ >
/>/ > [snip]
/>/ >
/>/ > –
/>/ > Best regards, Ruslan.

/>/ > _______________________________________________
/>/ > http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

/>/ >
/>/ > Community help: http://wiki.bestpractical.com http://wiki.bestpractical.com/
/>/ > Commercial support: sales at bestpractical.com http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

/>/ >
/>/ >
/>/ > Discover RT’s hidden secrets with RT Essentials from O’Reilly Media.
/>/ > Buy a copy at http://rtbook.bestpractical.com http://rtbook.bestpractical.com/

/>/ _______________________________________________
/>/ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

/>/
/>/ Community help: http://wiki.bestpractical.com http://wiki.bestpractical.com/
/>/ Commercial support: sales at bestpractical.com http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

/>/
/>/
/>/ Discover RT’s hidden secrets with RT Essentials from O’Reilly Media.
/>/ Buy a copy at http://rtbook.bestpractical.com http://rtbook.bestpractical.com/

/>/
/


http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

Community help: http://wiki.bestpractical.com
Commercial support: sales@bestpractical.com

Discover RT’s hidden secrets with RT Essentials from O’Reilly Media.
Buy a copy at http://rtbook.bestpractical.com

Drew Barnes
Applications Analyst
Network Resources Department
Raymond Walters College
University of Cincinnati

Steve,

What DataBase are you using and what browser?

Kenn
LBNLOn 8/28/2008 11:46 AM, Steve Hopps wrote:

I’m also having this problem since upgrading from 3.8.0 to 3.8.1. http://3.8.1. The //Apache::Session::File// work-around does fix this but it behaves differently than it used to, and I’m concerned about security with this setting turned on.

Anyone had any luck solving this? The suggestion below didn’t apply to me

-Steve

Marco,

I had a similar problem after the 3.8.1 upgrade even though my database was
updated correctly, and I saw the same problem with the file session

handler. I was actually able to fix my issue by taking a trailing slash off
my $WebBaseURL. It seemed like URLs with multiple // in them were
resulting in the extra login prompts. So, that might be something to look

at if you’ve exhausted all the other possibilities. Worked for me.

– Matt

On Thu, Aug 28, 2008 at 6:02 AM, Marco Avvisano < marco.avvisano at regione.toscana.it http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users> wrote:

/
/>/ I have the same problem but not for every click
/>/
/>/ RT 3.8.1
/>/ Mysql 4.1.22
/>/ OS: Linux 2.4.21-37.ELsmp
/>/
/>/ any suggestions

/>/
/>/ thanks
/>/
/>/ Marco
/>/
/>/ ----- Original Message -----
/>/ From: “Ruslan Zakirov” <ruz at bestpractical.com http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users>

/>/ To: “Mark Hazen” <markh at intechgra.com http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users>
/>/ Cc: <rt-users at lists.bestpractical.com http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users>

/>/ Sent: Wednesday, August 06, 2008 10:34 PM
/>/ Subject: Re: [rt-users] RT requiring login for every click
/>/
/>/
/>/ >I saw your followups on this issue, but I want to comment this.

/>/ >
/>/ > Yes, these fixes I was talking about have been integrated into 3.8.0
/>/ > and as well several fixes would be in 3.8.1 (3.8.1rc1 is available at
/>/ > this moment for download from our server).

/>/ >
/>/ > Affects: RT on mysql 4.1 and newer with utf8 as default DB charset
/>/ > WHEN RT’s DB was created, changing mysql options would not help much
/>/ >
/>/ > Symptoms: constant login requests on every action

/>/ >
/>/ > Check: change session handler to Apache::Session::File, if problem
/>/ > goes away then it’s this issue.
/>/ >
/>/ > Otherwise issue is different and needs more investigation. In this

/>/ > case (according to Mark’s further comments) situation is different.
/>/ >
/>/ > Hope this would help isolate different problems in future.
/>/ >
/>/ > On Tue, Aug 5, 2008 at 5:24 AM, Mark Hazen <markh at intechgra.com http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users> wrote:

/>/ >> Hiya folks,
/>/ >>
/>/ >> I saw this mentioned on the list a couple months back, but under Gentoo,
/>/ >> and while the issue was related to the MySQL language configuration,

/>/ >> there was a note from ruz at bp http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users stating that this was an issue related the
/>/ >> default charset setting for MySQL (under Gentoo, though) which had been

/>/ >> addressed for the next release (under 3.6, so it’d be incorporated into
/>/ >> 3.8 I’m guessing).
/>/ >>
/>/ >> When a user (admin user in this case) logs in, they get the home page,

/>/ >> but any subsequent clicks bring the login page up again. The system and
/>/ >> Apache logs don’t reveal any errors, just a successful login message
/>/ >> when the logins are made.

/>/ >>
/>/ >> I’ve checked the database and the cookie, and the RT_SID is identical
/>/ >> and being updated with each request. We did have default-character-set
/>/ >> as utf8 as recommended for Dovecot on the same machine, but I’ve

/>/ >> commented that out and restarted all associated services, and we still
/>/ >> have the multiple login requests.
/>/ >>
/>/ >> I’m attaching my my.cnf file below in case that’s the culprit; I do

/>/ >> appreciate any suggestions that might help here.
/>/ >>
/>/ >>
/>/ >> Environment:
/>/ >> RT: 3.8.0
/>/ >> OS: Oracle Linux 5.2 (RHEL5 equivalent)

/>/ >> DB: MySQL 5.0.45
/>/ >> Web Server: Apache/2.2.3
/>/ >>
/>/ >
/>/ > [snip]
/>/ >
/>/ > –
/>/ > Best regards, Ruslan.

/>/ > _______________________________________________
/>/ > http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

/>/ >
/>/ > Community help: http://wiki.bestpractical.com http://wiki.bestpractical.com/
/>/ > Commercial support: sales at bestpractical.com http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

/>/ >
/>/ >
/>/ > Discover RT’s hidden secrets with RT Essentials from O’Reilly Media.
/>/ > Buy a copy at http://rtbook.bestpractical.com http://rtbook.bestpractical.com/

/>/ _______________________________________________
/>/ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

/>/
/>/ Community help: http://wiki.bestpractical.com http://wiki.bestpractical.com/
/>/ Commercial support: sales at bestpractical.com http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

/>/
/>/
/>/ Discover RT’s hidden secrets with RT Essentials from O’Reilly Media.
/>/ Buy a copy at http://rtbook.bestpractical.com http://rtbook.bestpractical.com/

/>/
/



http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

Community help: http://wiki.bestpractical.com
Commercial support: sales@bestpractical.com

Discover RT’s hidden secrets with RT Essentials from O’Reilly Media.
Buy a copy at http://rtbook.bestpractical.com

Firefox 3.0.1, IE 7.0.5730.11 both behave the same, and I’m running MYSQL
5.0.51a-3ubuntu5 and have been since Day 1. I performed the DB updates when
upgrading from 3.6.6 to 3.8.0, and I also ran the update when going from
3.8.0 to 3.8.1.

-SteveOn Thu, Aug 28, 2008 at 2:03 PM, Kenneth Crocker KFCrocker@lbl.gov wrote:

Steve,

   What DataBase are you using and what browser?

Kenn
LBNL

On 8/28/2008 11:46 AM, Steve Hopps wrote:

I’m also having this problem since upgrading from 3.8.0 to 3.8.1. <
http://3.8.1.> The //Apache::Session::File// work-around does fix this
but it behaves differently than it used to, and I’m concerned about security
with this setting turned on.

Anyone had any luck solving this? The suggestion below didn’t apply to me

-Steve

Marco,

I had a similar problem after the 3.8.1 upgrade even though my database
was
updated correctly, and I saw the same problem with the file session

handler. I was actually able to fix my issue by taking a trailing slash

off
my $WebBaseURL. It seemed like URLs with multiple // in them were
resulting in the extra login prompts. So, that might be something to
look

at if you’ve exhausted all the other possibilities. Worked for me.

– Matt

On Thu, Aug 28, 2008 at 6:02 AM, Marco Avvisano < marco.avvisano at regione.toscana.it < http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users>> wrote:

/

/>/ I have the same problem but not for every click
/>/
/>/ RT 3.8.1
/>/ Mysql 4.1.22
/>/ OS: Linux 2.4.21-37.ELsmp
/>/
/>/ any suggestions

/>/
/>/ thanks
/>/
/>/ Marco
/>/
/>/ ----- Original Message -----
/>/ From: “Ruslan Zakirov” <ruz at bestpractical.com <
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users>>

/>/ To: “Mark Hazen” <markh at intechgra.com <
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users>>
/>/ Cc: <rt-users at lists.bestpractical.com <
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users>>

/>/ Sent: Wednesday, August 06, 2008 10:34 PM
/>/ Subject: Re: [rt-users] RT requiring login for every click
/>/
/>/
/>/ >I saw your followups on this issue, but I want to comment this.

/>/ >
/>/ > Yes, these fixes I was talking about have been integrated into 3.8.0
/>/ > and as well several fixes would be in 3.8.1 (3.8.1rc1 is available
at
/>/ > this moment for download from our server).

/>/ >
/>/ > Affects: RT on mysql 4.1 and newer with utf8 as default DB charset
/>/ > WHEN RT’s DB was created, changing mysql options would not help much
/>/ >
/>/ > Symptoms: constant login requests on every action

/>/ >
/>/ > Check: change session handler to Apache::Session::File, if problem
/>/ > goes away then it’s this issue.
/>/ >
/>/ > Otherwise issue is different and needs more investigation. In this

/>/ > case (according to Mark’s further comments) situation is different.
/>/ >
/>/ > Hope this would help isolate different problems in future.
/>/ >
/>/ > On Tue, Aug 5, 2008 at 5:24 AM, Mark Hazen <markh at intechgra.com<
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users>> wrote:

/>/ >> Hiya folks,
/>/ >>
/>/ >> I saw this mentioned on the list a couple months back, but under
Gentoo,
/>/ >> and while the issue was related to the MySQL language
configuration,

/>/ >> there was a note from ruz at bp <
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users> stating
that this was an issue related the
/>/ >> default charset setting for MySQL (under Gentoo, though) which had
been

/>/ >> addressed for the next release (under 3.6, so it’d be incorporated
into
/>/ >> 3.8 I’m guessing).
/>/ >>
/>/ >> When a user (admin user in this case) logs in, they get the home
page,

/>/ >> but any subsequent clicks bring the login page up again. The system
and
/>/ >> Apache logs don’t reveal any errors, just a successful login
message
/>/ >> when the logins are made.

/>/ >>
/>/ >> I’ve checked the database and the cookie, and the RT_SID is
identical
/>/ >> and being updated with each request. We did have
default-character-set
/>/ >> as utf8 as recommended for Dovecot on the same machine, but I’ve

/>/ >> commented that out and restarted all associated services, and we
still
/>/ >> have the multiple login requests.
/>/ >>
/>/ >> I’m attaching my my.cnf file below in case that’s the culprit; I do

/>/ >> appreciate any suggestions that might help here.
/>/ >>
/>/ >>
/>/ >> Environment:
/>/ >> RT: 3.8.0
/>/ >> OS: Oracle Linux 5.2 (RHEL5 equivalent)

/>/ >> DB: MySQL 5.0.45
/>/ >> Web Server: Apache/2.2.3
/>/ >>
/>/ >
/>/ > [snip]
/>/ >
/>/ > –
/>/ > Best regards, Ruslan.

/>/ > _______________________________________________
/>/ > http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

/>/ >
/>/ > Community help: http://wiki.bestpractical.com <
http://wiki.bestpractical.com/>
/>/ > Commercial support: sales at bestpractical.com <
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users>

/>/ >
/>/ >
/>/ > Discover RT’s hidden secrets with RT Essentials from O’Reilly Media.
/>/ > Buy a copy at http://rtbook.bestpractical.com <
http://rtbook.bestpractical.com/>

/>/ _______________________________________________
/>/ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

/>/
/>/ Community help: http://wiki.bestpractical.com <
http://wiki.bestpractical.com/>
/>/ Commercial support: sales at bestpractical.com <
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users>

/>/
/>/
/>/ Discover RT’s hidden secrets with RT Essentials from O’Reilly Media.
/>/ Buy a copy at http://rtbook.bestpractical.com <
http://rtbook.bestpractical.com/>

/>/
/



http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

Community help: http://wiki.bestpractical.com
Commercial support: sales@bestpractical.com

Discover RT’s hidden secrets with RT Essentials from O’Reilly Media. Buy a
copy at http://rtbook.bestpractical.com

I checked some of my configs against the suggestions in the list, but I
haven’t come across anything that fixes it. Our RT is mostly functional
except it prompts for a login if you select another queue from the
homepage (it goes to the queue fine) and then try to open any of the
tickets. Attempting to open that ticket will force a login. After a
successful login, it goes to the ticket.

Centos 4.6

Mysql 4.1.20-3.RHEL4.1.el4_6

RT 3.8.1

We did 3.6.6 to 3.8.0 to 3.8.1 with all db upgrades in between. If
anyone knows a fix, I’d appreciate it.

TrentFrom: rt-users-bounces@lists.bestpractical.com
[mailto:rt-users-bounces@lists.bestpractical.com] On Behalf Of Steve
Hopps
Sent: Thursday, August 28, 2008 12:16 PM
To: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] RT requiring login for every click

Firefox 3.0.1, IE 7.0.5730.11 both behave the same, and I’m running
MYSQL 5.0.51a-3ubuntu5 and have been since Day 1. I performed the DB
updates when upgrading from 3.6.6 to 3.8.0, and I also ran the update
when going from 3.8.0 to 3.8.1.

-Steve

there are some DB maintenance scripts you need to run. read the install README file. this happened to me, too :)----- Original Message -----
From: Marco Avvisano marco.avvisano@regione.toscana.it
Date: Thursday, August 28, 2008 6:16
Subject: Re: [rt-users] RT requiring login for every click
To: Ruslan Zakirov ruz@bestpractical.com
Cc: rt-users@lists.bestpractical.com

I have the same problem but not for every click

RT 3.8.1
Mysql 4.1.22
OS: Linux 2.4.21-37.ELsmp

any suggestions

thanks

Marco

----- Original Message -----
From: “Ruslan Zakirov” ruz@bestpractical.com
To: “Mark Hazen” markh@intechgra.com
Cc: rt-users@lists.bestpractical.com
Sent: Wednesday, August 06, 2008 10:34 PM
Subject: Re: [rt-users] RT requiring login for every click

I saw your followups on this issue, but I want to comment this.

Yes, these fixes I was talking about have been integrated into 3.8.0
and as well several fixes would be in 3.8.1 (3.8.1rc1 is
available at
this moment for download from our server).

Affects: RT on mysql 4.1 and newer with utf8 as default DB charset
WHEN RT’s DB was created, changing mysql options would not
help much

Symptoms: constant login requests on every action

Check: change session handler to Apache::Session::File, if problem
goes away then it’s this issue.

Otherwise issue is different and needs more investigation. In this
case (according to Mark’s further comments) situation is different.

Hope this would help isolate different problems in future.

On Tue, Aug 5, 2008 at 5:24 AM, Mark Hazen markh@intechgra.com wrote:

Hiya folks,

I saw this mentioned on the list a couple months back, but
under Gentoo,

and while the issue was related to the MySQL language
configuration,>> there was a note from ruz@bp stating that this
was an issue related the

default charset setting for MySQL (under Gentoo, though)
which had been

addressed for the next release (under 3.6, so it’d be
incorporated into

3.8 I’m guessing).

When a user (admin user in this case) logs in, they get the
home page,

but any subsequent clicks bring the login page up again. The
system and

Apache logs don’t reveal any errors, just a successful login
message>> when the logins are made.

I’ve checked the database and the cookie, and the RT_SID is
identical>> and being updated with each request. We did have
default-character-set

as utf8 as recommended for Dovecot on the same machine, but I’ve
commented that out and restarted all associated services, and
we still

have the multiple login requests.

I’m attaching my my.cnf file below in case that’s the
culprit; I do

appreciate any suggestions that might help here.

Environment:
RT: 3.8.0
OS: Oracle Linux
5.2 (RHEL5 equivalent)

   DB: MySQL 5.0.45

Web Server: Apache/2.2.3

[snip]


Best regards, Ruslan.


http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

Community help: http://wiki.bestpractical.com
Commercial support: sales@bestpractical.com

Discover RT’s hidden secrets with RT Essentials from O’Reilly
Media.
Buy a copy at http://rtbook.bestpractical.com


http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

Community help: http://wiki.bestpractical.com
Commercial support: sales@bestpractical.com

Discover RT’s hidden secrets with RT Essentials from O’Reilly
Media.
Buy a copy at http://rtbook.bestpractical.com