Hallo everybody,
I found two minor bugs in Maypole/Authentication/UserSessionCookie.pm:
1)
method login_user:
-----------------
if ($@ =~ /does not exist in the data store/) {
^^^ this is missing in the original file
the absence of "the " prevents the hardcoded string from matching with
the returned string, which contains "the ".
2)
I was unable to logout because the cookie which was supposed to
"invalidate" the existing one with the session id... did not invalidate it.
Well, after some time I found a typo that seemed to solve the issue:
method _logout_cookie:
my $cookie_name = $r->config->{auth}{cookie_name} || "session_id";
method login_user:
my $cookie_name = $r->config->{auth}{cookie_name} || "sessionid";
Notice the proposed cookie name: it is 'session_id' (with underscore) in
one case, and 'sessionid' (without the underscore) in the other.
I didn't specify a cookie name for the session id cookie, so the
provided default was used. Since one is supposed to invaidate the other,
when I logged in after a logout the old session cookie was never
invalidated, and the 'check_credential' path was never taken again.
Hope this helped someone.
Marcello
_______________________________________________
maypole-dev mailing list
maypole-dev at lists.netthink.co.uk
http://lists.netthink.co.uk/listinfo/maypole-dev
This archive was generated by hypermail 2.1.3 : Thu Feb 24 2005 - 22:25:57 GMT