Forum OpenACS Q&A: Re: Logins time out on 5.0b4 even with kernel parameters set?

Posted by Lars Pind on
Hi Cathy

Sorry to hear that, it shouldn't be that way.

Can you please visit /SYSTEM/security-debug.tcl on your server and post the output here?

Before you can do so, though, you need to go edit the file by hand on your server - it's server-root/www/SYSTEM/security-debug.tcl. This is for security reasons.


Posted by Cathy Sarisky on
Debug Page For Security Cookies
session_id: 110006,0,0 1073532561




Cookie HTTP header: ad_user_login=2537%20%7b838%200%205D8B1B2B6AA34DF47D5CF9E07246C7636005DFFC%7d; ad_session_id=100107%2c631%2c1%20%7b667%201073525527%20361C30D65122B69F81CE67D9322E53874C82E9C4%7d; ad_secure_token=""; ad_user_login=631%2c1073513527%2c88E075ABF%20%7b665%200%20E8C451F9583DD0DABE09024D158F97234C1F3E7D%7d; ad_user_login_secure=""

user_id: 0

untrusted_user_id: 0

auth_level: none

account_status: closed

Authentication expires in: N/A

LoginTimeout: 0

Posted by Lars Pind on
Seems like your cookies aren't getting picked up at all .. if it had anything to do with LoginTimeout, you should still see the cookie next to the first "ad_user_login:", and you should still have "untrusted_user_id" not zero.

My best guess it that your site is sitting on a subdomain or anotehr OpenACS install, for example if you have a site "", and another at "", then some browsers will send cookies set for to, and those cookies thus will not be valid.

If the problem still persists, I think the next step would be to verify that the cookies that get set are also the ones that the server gets back from the browser. Developer-support's request info page should be helpful here.