Forum OpenACS Q&A: Logins time out on 5.0b4 even with kernel parameters set?

Hi all,

I've got two (just for play) OpenACS 5.0b4 installs.  I'm using the old built-in authentication, nothing fancy.

I'm finding that every couple minutes, I have to log in again.  I checked my kernel settings, here's what I have:

AllowPersistentLogin: 1
LoginTimeout: 0 (which should mean infinite logins)

Can someone give me a push in the right direction?  I'm getting tired of logging in. :)

Hi Cathy

Sorry to hear that, it shouldn't be that way.

Can you please visit /SYSTEM/security-debug.tcl on your server and post the output here?

Before you can do so, though, you need to go edit the file by hand on your server - it's server-root/www/SYSTEM/security-debug.tcl. This is for security reasons.

Thanks,
/Lars

Debug Page For Security Cookies
Cookies
session_id: 110006,0,0 1073532561

ad_user_login:

ad_user_login_secure:

ad_secure_token:

Cookie HTTP header: ad_user_login=2537%20%7b838%200%205D8B1B2B6AA34DF47D5CF9E07246C7636005DFFC%7d; ad_session_id=100107%2c631%2c1%20%7b667%201073525527%20361C30D65122B69F81CE67D9322E53874C82E9C4%7d; ad_secure_token=""; ad_user_login=631%2c1073513527%2c88E075ABF%20%7b665%200%20E8C451F9583DD0DABE09024D158F97234C1F3E7D%7d; ad_user_login_secure=""

ad_conn
user_id: 0

untrusted_user_id: 0

auth_level: none

account_status: closed

Authentication
Authentication expires in: N/A

LoginTimeout: 0

Seems like your cookies aren't getting picked up at all .. if it had anything to do with LoginTimeout, you should still see the cookie next to the first "ad_user_login:", and you should still have "untrusted_user_id" not zero.

My best guess is that your site is sitting on a subdomain of another OpenACS install, for example if you have a site "foo.com", and another at "bar.foo.com", then some browsers will send cookies set for foo.com to bar.foo.com, and those cookies thus will not be valid.

If the problem still persists, I think the next step would be to verify that the cookies that get set are also the ones that the server gets back from the browser. Developer-support's request info page should be helpful here.

/Lars
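
Added example (not part of the original thread and not OpenACS code): the Cookie header in the debug output above carries ad_user_login twice. A Cookie request header holds only name=value pairs, so the server cannot tell which domain set which copy. This Python check parses such a header and reports every name sent more than once; the function names are hypothetical.

```python
from urllib.parse import unquote

# Cookie header copied from the security-debug output posted in this thread.
COOKIE_HEADER = (
    "ad_user_login=2537%20%7b838%200%20"
    "5D8B1B2B6AA34DF47D5CF9E07246C7636005DFFC%7d; "
    "ad_session_id=100107%2c631%2c1%20%7b667%201073525527%20"
    "361C30D65122B69F81CE67D9322E53874C82E9C4%7d; "
    'ad_secure_token=""; '
    "ad_user_login=631%2c1073513527%2c88E075ABF%20%7b665%200%20"
    "E8C451F9583DD0DABE09024D158F97234C1F3E7D%7d; "
    'ad_user_login_secure=""'
)


def parse_cookie_header(header):
    """Return [(name, decoded_value), ...] in the order the browser sent them."""
    pairs = []
    for part in header.split(";"):
        part = part.strip()
        if not part or "=" not in part:
            continue  # skip empty or malformed fragments
        name, value = part.split("=", 1)
        value = value.strip()
        # An empty cookie is sent here as a pair of double quotes.
        if len(value) >= 2 and value[0] == value[-1] == '"':
            value = value[1:-1]
        pairs.append((name.strip(), unquote(value)))
    return pairs


def duplicate_cookies(header):
    """Map each cookie name that occurs more than once to all of its values."""
    seen = {}
    for name, value in parse_cookie_header(header):
        seen.setdefault(name, []).append(value)
    return {name: values for name, values in seen.items() if len(values) > 1}


if __name__ == "__main__":
    for name, values in duplicate_cookies(COOKIE_HEADER).items():
        print(f"{name} was sent {len(values)} times:")
        for value in values:
            print("   ", value)
```

A name that shows up here more than once means the browser holds same-named cookies under different domain or path scopes, which is the situation to rule out before looking at LoginTimeout.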

The problem is gone, I think.  At least, I haven't had to log in recently. :)

I was using horizons.acornhosting.net and would have had an acornhosting.net cookie.  So that might be it.

Another thing that I changed about the same point is that I switched the server name specified in config.tcl to match the one in the kernel (canonical server name?).

Not sure which of those did it, but it might be useful info for someone else.