|
List Info
Thread: C::P::Authentication IE Problem - Time Issue
|
|
| C::P::Authentication IE Problem - Time
Issue |
 
United States |
2007-08-27 18:03:13 |
I was experiencing a weird annoyance with
C::P::Authentication today. I
saw reports of similar symptoms in the list, but nobody with
my
particular solution. In Firefox everything was working
fine, but in all
the IE browsers auth cookies weren't being stored.
Eventually I grabbed
a HTTP Session inspector to see how the cookies were being
set. The
expire time on the cookies was sent as GMT several hours in
the past.
Seeing this, I was a bit amazed firefox was storing the
cookies at all.
The time on the server had slipped back about half a day.
An update to
my server's ntp config and everything was back to normal.
My lesson for today is: Catalyst is smarter than me! ^^
As a side note, is there a way to control the session length
of the
authentication cookie?
Kind Regards,
/Mitch
_______________________________________________
List: Catalyst lists.rawmode.org
Listinfo: ht
tp://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-
archive.com/catalystlists.rawmode.org/
Dev site: http://dev.catalyst.per
l.org/
|
|
| Re: C::P::Authentication IE Problem -
Time Issue |
 
Israel |
2007-08-27 18:29:38 |
On Mon, Aug 27, 2007 at 18:03:13 -0500, Mitchell Jackson
wrote:
> As a side note, is there a way to control the session
length of the
> authentication cookie?
That is in the Session plugin, cookie_expires.
Normally cookie_expires matches session expiry, but you can
set an
alternate TTL, or poke in DynamicExpiry.
There have been issues with it lately that I haven't
resolved yet,
so by all means try it out and if you find the bug please
provide
details 
--
Yuval Kogman <nothingmuchwoobling.org>
http://nothingmuch.wo
obling.org 0xEBD27418
_______________________________________________
List: Catalystlists.rawmode.org
Listinfo: ht
tp://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-
archive.com/catalystlists.rawmode.org/
Dev site: http://dev.catalyst.per
l.org/
|
|
| RE: C::P::Authentication IE Problem -
Time Issue |
 
Germany |
2007-08-27 18:44:01 |
>I was experiencing a weird annoyance with
C::P::Authentication today. I
>saw reports of similar symptoms in the list, but nobody
with my
>particular solution. In Firefox everything was working
fine, but in all
>the IE browsers auth cookies weren't being stored.
Eventually I grabbed
>a HTTP Session inspector to see how the cookies were
being set. The
>expire time on the cookies was sent as GMT several hours
in the past.
What I've done before is send the server time as part of the
login screen
and use some Javascript to warn if the server time is more
than a set time
away from the client PC time. Sometimes it's server time
drift, sometimes
client PC time drift. It's annoying that IE simply drops a
historic cookie
without warning and then you think the user is typing the
password wrong.
>As a side note, is there a way to control the session
length of the
>authentication cookie?
In your conf set: cookie_expires
http://search.cpan.org/author/NUFFIN
/Catalyst-Plugin-Session-State-Cookie-0.
07/lib/Catalyst/Plugin/Session/State/Cookie.pm
You can set session expiry with conf: expires
http://search.cpan.org/~nuffin/Catal
yst-Plugin-Session-0.18/lib/Catalyst/Plu
gin/Session.pm
You also need to extend an expiring cookie by calling
session_expires()
somewhere (e.g. in auto :Private in your main controller) to
resend it
otherwise by default it times out after 2 hours.
Regards, Peter
_______________________________________________
List: Catalystlists.rawmode.org
Listinfo: ht
tp://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-
archive.com/catalystlists.rawmode.org/
Dev site: http://dev.catalyst.per
l.org/
|
|
| Re: C::P::Authentication IE Problem -
Time Issue |
United States |
2007-08-28 09:50:22 |
Mitchell Jackson <mitch.listsonsitesquad.com> wrote
on 08/27/2007 06:03:13
PM:
> I was experiencing a weird annoyance with
C::P::Authentication today. I
> saw reports of similar symptoms in the list, but nobody
with my
> particular solution. In Firefox everything was working
fine, but in all
> the IE browsers auth cookies weren't being stored.
Eventually I grabbed
> a HTTP Session inspector to see how the cookies were
being set. The
> expire time on the cookies was sent as GMT several
hours in the past.
> Seeing this, I was a bit amazed firefox was storing the
cookies at all.
> The time on the server had slipped back about half a
day. An update to
> my server's ntp config and everything was back to
normal.
>
> My lesson for today is: Catalyst is smarter than me!
^^
IE is sensitive to the server side time, firefox
seems to offset
from client time (or at least a minimum amount of cookie
would be in the
past). Anytime you hear that a cookie issue exists on IE
but not firefox
your first suspect should be the server time. This can be a
big issue on
virtualized servers (vmware) that do not have the proper
time config on
them for the host (or a OS that does not respect the types
of time updates
that vmware is pushing out). I have seen poorly configured
hosts drift as
much as 3 hours per hour on vmware.
http
://www.vmware.com/pdf/vmware_timekeeping.pdf
>
> As a side note, is there a way to control the session
length of the
> authentication cookie?
>
> Kind Regards,
>
> /Mitch
>
> _______________________________________________
> List: Catalystlists.rawmode.org
> Listinfo: ht
tp://lists.rawmode.org/mailman/listinfo/catalyst
> Searchable archive:
http://www.mail-
archive.com/catalystlists.rawmode.org/
> Dev site: http://dev.catalyst.per
l.org/
_______________________________________________
List: Catalystlists.rawmode.org
Listinfo: ht
tp://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-
archive.com/catalystlists.rawmode.org/
Dev site: http://dev.catalyst.per
l.org/
|
|
[1-4]
|
|
|
about | contact Other archives ( Real Estate discussion Medical topics )
|