Hi, these errors (and others) are fixed in
Maypole::Plugin::Authentication::UserSessionCookie .. I'm waiting for a
new maypole release to push this, as it depends on features only in
existence in the SVN repo, but for interested people it's available at
http://dev.thefeed.no/repos/Maypole-Authentication-UserSessionCookie/
trunk
Marcus
On 15. des. 2004, at 17.13, Marcello wrote:
> Hallo everybody,
> I found two minor bugs in Maypole/Authentication/UserSessionCookie.pm:
>
> 1)
> method login_user:
> -----------------
> if ($@ =~ /does not exist in the data store/) {
> ^^^ this is missing in the original file
> the absence of "the " prevents the hardcoded string from matching with
> the returned string, which contains "the ".
>
> 2)
> I was unable to logout because the cookie which was supposed to
> "invalidate" the existing one with the session id... did not
> invalidate it.
> Well, after some time I found a typo that seemed to solve the issue:
> method _logout_cookie:
> my $cookie_name = $r->config->{auth}{cookie_name} || "session_id";
>
> method login_user:
> my $cookie_name = $r->config->{auth}{cookie_name} || "sessionid";
>
> Notice the proposed cookie name: it is 'session_id' (with underscore)
> in one case, and 'sessionid' (without the underscore) in the other.
> I didn't specify a cookie name for the session id cookie, so the
> provided default was used. Since one is supposed to invaidate the
> other, when I logged in after a logout the old session cookie was
> never invalidated, and the 'check_credential' path was never taken
> again.
>
> Hope this helped someone.
>
> Marcello
>
> _______________________________________________
> maypole-dev mailing list
> maypole-dev at lists.netthink.co.uk
> http://lists.netthink.co.uk/listinfo/maypole-dev
_______________________________________________
maypole-dev mailing list
maypole-dev at lists.netthink.co.uk
http://lists.netthink.co.uk/listinfo/maypole-dev
This archive was generated by hypermail 2.1.3 : Thu Feb 24 2005 - 22:25:57 GMT