[ECODP-dev] test machine to release 00.09.03 with CKAN security patch (ODP-300 & ODP-291 support)

• Previous message: [ECODP-dev] test machine to release 00.09.03 with CKAN security patch (ODP-300 & ODP-291 support)
• Next message: [ECODP-dev] test machine to release 00.09.03 with CKAN security patch (ODP-300 & ODP-291 support)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Bert,

I have investigated the login situation and there seemed to be two
problems, both of which are unrelated to the https configuration:

- the site_url in the CKAN config was set to the internal IP address, which
breaks some redirects.
- caching was enabled in NGINX, and logged-in pages were being cached (the
name of the cookie that is used to authenticate users changed in release 09
so this had to be updated in the NGINX config).

Login should be working as expected again now.

Regards,
John


On 16 October 2013 16:57, John Glover <john.glover at okfn.org> wrote:

> Hi Bert,
>
> Thanks. Could you also please load the most recent dump of the 09
> production database (the backups directory that Dimitrios mentioned before
> is no longer on the server)?
>
> I will investigate the issue with logging in after I have written and
> tested the patch.
>
> Regards,
> John
>
>
>  On 16 October 2013 15:20, Bert Van Nuffelen <
> bert.van.nuffelen at tenforce.com> wrote:
>
>>  Hi John and Darwin,
>>
>> 212.71.25.148 has been setup to release 00.09.03. + the suggested
>> changes to remove the https setup temporary.
>>
>> For ODP-300:
>>
>> There is a system admin user created api/api and a data publisher
>> bert/bert.
>> What we have now is that with this setup if you login as bert, then clear
>> your cookies in your browser and then login as api you see bert.
>> Secondly if Dimitrios logs in on another computer as api then he is also
>> 'bert'.
>>
>> I have the feeling that the suggestion for removing the https setup have
>> a drastic impact on the correct user management.
>>
>> best regards,
>>
>> Bert
>>
>> --
>> Bert Van Nuffelen
>>
>> Semantic Technologies Software Architect at TenForce
>> www.tenforce.be
>>
>> Bert.Van.Nuffelen at tenforce.com
>> Office: +32 (0)16 31 48 60
>> Mobile:+32 479 06 24 26
>> skype: bert.van.nuffelen
>>
>> _______________________________________________
>> Ecodp-dev mailing list
>> Ecodp-dev at lists.okfn.org
>> http://lists.okfn.org/mailman/listinfo/ecodp-dev
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.okfn.org/mailman/private/ecodp-dev/attachments/20131017/120b71a0/attachment.html>

• Previous message: [ECODP-dev] test machine to release 00.09.03 with CKAN security patch (ODP-300 & ODP-291 support)
• Next message: [ECODP-dev] test machine to release 00.09.03 with CKAN security patch (ODP-300 & ODP-291 support)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]