can anyone explain this behaviour?

Get help from other users here.

Moderators: Developer, Contributor

Post Reply
waters
Posts: 1
Joined: 23 Mar 2005, 18:55

can anyone explain this behaviour?

Post by waters »

One of our clients reported this issue. She logs in, she can follow few links, but in most cases she is redirected back to the login page. Logging back in does not resolve the problem. This happens on several different machines she uses at her company. She swears that, on each machine, she only has one browser at a time logged in to Mantis, and she always uses the same account.

We can reproduce the problem ourselves by logging in to their VPN and then connecting to Mantis from there. We cannot reproduce the exact symptoms locally within our own network, nor do we see them from our test machine outside our firewall.

Browser: IE6
Connection: http (as opposed to https)
Cookies: set to Medium
Firewalls: her connection comes out through her company's firewall and in to Mantis through our firewall which is Astaro.

We looged in to Mantis account via client's VPN again and tried reproducing the problem again.This time, when I clicked on the link to one project from the View Items list, the resulting Item report page identified me as being logged in as client (client name), not myself! I cannot reproduce this anymore today, but the fact it happened at all is scary.
thraxisp
Developer
Posts: 509
Joined: 14 Feb 2005, 03:38
Location: Ottawa, Canada
Contact:

Post by thraxisp »

This sounds like some confusion in the proxy server. Most of Mantis depends on a cookie value being set for each user uniquely to allow for authentication. It soulds like these are being confused somewhere.

(I had a similar experience with VPNs remembering the last login name for a particular connection and reusing that with new connections through the same port.)
Guest

Post by Guest »

Thanks Thraxip
How did you fix the problem?
Post Reply