Forum OpenACS Q&A: subsite cookie error on 3.2.5
in test mode:
I have one main site foo.com and a subsite sub.foo.com. I don't have
any problems logging into foo.com using Netscape, Mozilla or IE.
But sometimes I have a problem logging into sub.foo.com via IE. A user
gets redirected to bad-password.tcl whenever he enters a bad password,
but doesn't get logged in when he enters the correct password. This is
happening within /register/user-login-2.tcl. I suppose that
ad_user_login could be the culprit... This *always* happens to my IE
(older version) at work and *sometimes* to my IE 6.0 at home.
Did anyone already stumble over this problem?
I think it has always been IE where we have had to give up and say "use someone else's computer", but I put that down to these being mostly corporate users more than it being an IE specific problem. It happened once with someone using Lotus, too. *shudder*
I killed all the cookies from yesterday out of the IE folder "Temporary Internet Files" and it worked with foo.com and sub.foo.com!!! I logged in the same user on both sites as well as different users on both sites and I couldn't recreate the error. After couple hours I retried to log in.... and the same error as before occurs: I just can't log into sub.foo.com but I can log into foo.com!!!! STRANGE...
Then I logged out of both sites and evaluated the cookies. They are different.
This means that he didn't really log out with sub.foo.com and doesn't have a browser_id anymore. After I just typed in sub.foo.com/register/logout.tcl the sub.foo.com cookie looks like this:
The browser_id is still missing and I can't log into sub.foo.com at all!
Then I delete the cookies again and the old error occurs. STRANGE!
Then I close IE completely AND delete the cookies. I *can* log into sub.foo.com, great, but what's wrong? I am going crazy...
Any cookie chief out there?
With fails when you do it through a frame I mean the cookie is not even written to the "/Temporaray Internet Files" folder of IE.
Any suggestions how to fix this?
Obviously IE only accepts cookies from within a frame when the domain of the frame is the same as the domain that is displayed in the browser.
I therefore moved the frameset to my server and referenced the top and left navigation to the external server and not vice versa.