Description
Suppose there are two MoinMoin instances installed on the same server, each has a url like the following:
http://wiki.server.com/anotherwiki
Thanks to the farmconfig, it is possible and both work fine, except when a user with the same user name and password tries to logon both sites on the same machine using the same browser. This is what will happen:
- two cookies will be created correctly.
The user can logon http://wiki.server.com with no trouble.
Whenever the user has logged on http://wiki.server.com, access to http://wiki.server.com/anotherwiki will be as if the user hasn't logged on, unless (s)he logs out from http://wiki.server.com
Whenever the user has logged on http://wiki.server.com, try to logon again on http//wiki.server.com/anotherwiki will fail with a message "wrong user id or password" (or something like that), until (s)he logs out from http://wiki.server.com
Don't know if this is a moin bug, or just because of the way how a cookie works.
Steps to reproduce
- do this...
Example
Details
MoinMoin Version |
1.3.1 |
OS and Version |
fedora core 3 |
Python Version |
2.3.4 |
Server Setup |
apache |
Server Details |
|
Workaround
- Do not create two wikis when one uses '/' path.
- Use pathes /awiki and /bwiki instead. Or use different hostnames (this already works).
- When having problems to login, delete your MOIN_ID cookie before you login.
Discussion
Its a known bug with our cookie code, but it happens only on rare cases, like developer trying to run both cgi and twisted/standalone wikis, which both creates a cookie with path = '/' while cgi creates a cookike with path = '/mywiky', where mywiki is your ScriptAlias
We checked the problem, seems that fixing this issue will require big change in the way we use cookies. Since we are working on a new auth scheme anyway for 1.4, this will be fixed in 1.4. -- NirSoffer 2004-12-16 03:03:59
Plan
Document this issue in the help. Do we have HelpOnWikiFarm?
- Priority: low, rare problem
Assigned to: ThomasWaldmann
- Status: fixed in 1.5 branch (there are new cookie_domain and cookie_path settings. this together with a sane setup should solve cookie problems. if you really think there are bugs left, reopen this bug after testing.)