-
Notifications
You must be signed in to change notification settings - Fork 44
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Suma Server Keeps Logging Admin User Out #142
Comments
Thanks for writing. This is a really strange issue that I don't think we've
seen before. As you can see below, Suma's administrative authentication
component is extremely simple:
https://github.com/suma-project/Suma/blob/master/service/controllers/AdminController.php#L410-L422
https://github.com/suma-project/Suma/blob/master/service/controllers/AdminController.php#L22-L43
https://github.com/suma-project/Suma/blob/master/service/controllers/BaseController.php#L22-L35
Basically, it compares the login and password to what's in the config file,
and if it matches, it sets a PHP session and the corresponding browser
cookie using the Zend_Auth library. If this were consistently failing, I'd
say that somehow either the session isn't being stored or is expiring very
quickly, the cookie is somehow being lost or is expiring very quickly, or
some other strange thing is happening along those lines (maybe something
with vhosts, cookies, and CORS? I really don't know). For example:
https://community.auth0.com/t/sessions-expiring-too-quickly/10850/4
But since it is occasionally working...I'm out of ideas. Has it failed
again since it started working for Sydney? Is it possible that one of those
things you checked somehow fixed it?
Thanks,
Jason
…On Fri, Oct 2, 2020 at 2:18 PM thisguyiknow ***@***.***> wrote:
Sydney Thompson, who used your Suma software at NC State, had me install
it to use here at CWU. After she logs into the Suma server admin, *any*
link she clicks on next will send her back to the login page for the Suma
server admin. (Examples: "Edit locations", "Edit initiatives", "Direct JSON
Import". She experiences this issue when accessing from on-campus and at
home via our campus VPN. I wasn't able to recreate her issue from home via
VPN, but when I tried it on my work computer (via remote desktop) I
experienced the same issue. Some things I tried or checked:
- Checked Apache access and error logs for any PHP errors. Nothing
relevant there.
- Checked sumaserver.log for any indication of what the issue might
be. I didn't see anything relevant there either.
- Verified Apache settings.
- Verified all config.yaml files.
- Tried completely clear my web browser's cache / cookies.
- Set SUMA_DEBUG variable to true.
- Tried a different browser.
Sydney JUST emailed me and now it's working for her at work and from home.
Issue is annoyingly sporadic. Do you have any idea what else might cause
this issue? Anything specific to check?
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#142>, or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AACVIVNOJY4UKGF4SP4YLDTSIYKNTANCNFSM4SCAB2SQ>
.
|
Closing due to inactivity. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Sydney Thompson, who used your Suma software at NC State, had me install it to use here at CWU. After she logs into the Suma server admin, any link she clicks on next will send her back to the login page for the Suma server admin. (Examples: "Edit locations", "Edit initiatives", "Direct JSON Import". She experiences this issue when accessing from on-campus and at home via our campus VPN. I wasn't able to recreate her issue from home via VPN, but when I tried it on my work computer (via remote desktop) I experienced the same issue. Some things I tried or checked:
Sydney JUST emailed me and now it's working for her at work and from home. Issue is annoyingly sporadic. Do you have any idea what else might cause this issue? Anything specific to check?
The text was updated successfully, but these errors were encountered: