Home
The Toolkit for Online Communities
16686 Community Members, 2 members online, 2337 visitors today
Log In Register
OpenACS Home : Forums : OpenACS Development : Expiring logins requirements/design yet again ... : One Message

Forum OpenACS Development: Re: Expiring logins requirements/design yet again ...

Collapse
Posted by Lars Pind on
Hazi,

There are two issues:

1) the login page has expired (to prevent people from reusing your login page after you've logged out and left the site)

2) you're successfully logged in, but the login expires very quickly.

To my knowledge, I've actually fixed both of these.

/Lars

Collapse
Posted by Joel Aufrecht on
The fix should be in 5.0.4, due out any day now.
Collapse
Posted by Hazi Gharagozlou on
Lars,

I just checkout the 5.0.4-final version from cvs, and I am afraid to report that the login problem still there. Just to reiterate, I changed in the permissions of acs-kernel  LoginExpirationTime from 1200 to 0 and I get "The login page has expired. Please log in again." The only remedy is to change the record in apm_paramter_values.

Collapse
Posted by Joel Aufrecht on
Let's escalate this to a bug, instead of a forum discussion, so we have better tracking and can incorporate it into release managed.  Hari, could you file it, with a verbose repro case?  Lars, could you verify that your new code is indeed in 5.0.4?
Collapse
Posted by Lars Pind on
Ok. Change was on HEAD (5.1).

http://cvs.openacs.org/cvs/openacs-4/packages/acs-subsite/lib/login.tcl?r1=1.20&r2=1.21

if { $expiration_time < 30 } {
              # If expiration_time is less than 30 seconds, it's practically impossible to login
              # and you will have completely hosed login on your entire site
              set expiration_time 30
          }

This bug has been there since the beginning of times.

/Lars