Re: Auth ignoring Session, redirecting to login under heavy load.

2009-05-02 Thread brian

On Fri, May 1, 2009 at 7:16 AM, j0n4s.h4rtm...@googlemail.com
j0n4s.h4rtm...@googlemail.com wrote:

 Hello Brian,

 about PLESK:

 1. Your DOCUMENT ROOT will be something like /var/www/domains/
 domain.tld/httpdocs you will need to change that via ssh for instance.
 You can do that multiple ways but the PLESK way is to go to /var/www/
 domains/domain.tld/conf/ and add vhost.conf there which only has
 DocumentRoot /foo/bar. vhost is included by PLESK (at least on
 HostEurope).

 2. I had issues with unix permissions. There are some users and some
 groups and you can only have one user and group. Webserver runs on
 root and/or www-data - I did not understand that fully why it even
 runs under root. FTPUser (so that you can change/add files) is
 something like ftpDOMAIN and then there is something like psacln
 GROUP. I played around with switching groups and users to www-data and/
 or root - sometimes webserver worked sometimes ftp. Finally I went
 with very open unix permissions :/

 in my /var/www/domains/domain.tld/httpdocs/web/ (insides that lies
 my ./app and ./cake folder)

 chown -R ftpDOMAIN:psacln .
 chmod -R 755 .

 ./app/tmp required even 777 as  well as ./app/webroot/uploads (there
 go my MeioUpload uploads)

 I even wonder why I need execute flag to be able to use FTP (no
 joke) :/.

You need execute on directories so that you can read them (list contents).


 PLESK is a mess, I am weak on the linux side but PLESK is really
 bad :/.
 At domainfactory for instance (which costs more, yes) you can just set
 your Document Root per subdomain in a web interface, PLESK with all
 its useless stuff cannot do that.

I hate Plesk, also. My app will be on my client's server and he
doesn't know a lot about linux, either. I've done a few things for him
and Plesk has always been a huge pain. This will be the 1st Cake site
I do for him so I'm a bit concerned how this is going to go.

Thanks for the heads-up!

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
CakePHP group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to 
cake-php+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=en
-~--~~~~--~~--~--~---



Re: Auth ignoring Session, redirecting to login under heavy load.

2009-05-01 Thread j0n4s.h4rtm...@googlemail.com

Hello Brian,

about PLESK:

1. Your DOCUMENT ROOT will be something like /var/www/domains/
domain.tld/httpdocs you will need to change that via ssh for instance.
You can do that multiple ways but the PLESK way is to go to /var/www/
domains/domain.tld/conf/ and add vhost.conf there which only has
DocumentRoot /foo/bar. vhost is included by PLESK (at least on
HostEurope).

2. I had issues with unix permissions. There are some users and some
groups and you can only have one user and group. Webserver runs on
root and/or www-data - I did not fully understand why it even
runs under root. FTPUser (so that you can change/add files) is
something like ftpDOMAIN and then there is something like psacln
GROUP. I played around with switching groups and users to www-data and/
or root - sometimes webserver worked, sometimes ftp. Finally I went
with very open unix permissions :/

in my /var/www/domains/domain.tld/httpdocs/web/ (inside that lie
my ./app and ./cake folders)

chown -R ftpDOMAIN:psacln .
chmod -R 755 .

./app/tmp required even 777 as well as ./app/webroot/uploads (there
go my MeioUpload uploads)

I even wonder why I need execute flag to be able to use FTP (no
joke) :/.

PLESK is a mess, I am weak on the linux side but PLESK is really
bad :/.
At domainfactory for instance (which costs more, yes) you can just set
your Document Root per subdomain in a web interface, PLESK with all
its useless stuff cannot do that.

On Apr 30, 6:51 pm, brian bally.z...@gmail.com wrote:
 On Thu, Apr 30, 2009 at 5:04 AM, Jonas Hartmann

 j0n4s.h4rtm...@googlemail.com wrote:

  Hello,

  i have an issue with deploying my cake application. Running local on
  Mac OS X it works like charm. After uploading it to a Ubuntu based
  VHost on HostEurope I had some headaches with PLESK and its strange
  standard unix permission setup.

 OT: I'd appreciate it if you posted a quick message discussing some of
 the problems you encountered with Plesk and the solutions you found.
 I'll soon be deploying something to a Plesk server and, though I've
 found a few comments about that online, I haven't seen much in the way
 of answers.



  I lose my session from time to time under heavy load. This happens
  with either php, cake or database sessions, I have tried all of them.
  It happens when for Instance I run
  http://www.domain.tld/admin/categories/index
   multiple times in Firefox-Tabs at once - thus, if I fire multiple
  http requests very shortly after each other. I have no clue if
  multiple users firing multiple events would lead to the same issue,
  yet (that would be even worse).

  I got the latest SVN head from 1.2 stable and just uploaded it to make
  sure that it is not already fixed / an internal problem.

  I am looking forward to your help/tips in regards to:

  a.) My small controller code, quoted below?
  b.) Debugging tips - how should I continue to understand what the
  problem is?

  I have disabled cache and debugging is on 2.

  This is how I test against routing prefix admin. I do not know if it
  is the best or recommended way. I would welcome suggestions. Best
  would be if the problem would be fixed afterwards

  <?php

  class AppController extends Controller {

         var $helpers = array('Html', 'Form', 'Javascript', 'Time');
         var $components = array('Cookie', 'Session', 'Auth');

         function beforeFilter() {
                 if(isset($this->params['prefix'])) {
                         if($this->params['prefix'] == 'admin') {
                                 Configure::write('debug', 2);
                                 $this->Auth->deny('*');
                                 $this->Auth->allow('login');
                         } else {
                                 $this->Auth->allow('*');
                         }
                 } else {
                         $this->Auth->allow('*');
                 }
         }

  }
  ?>

 You should never include 'login' in allow().

 This is how I have things working:

 AppController:
 function beforeFilter()
 {
         $this->Auth->fields = array('username' => 'email', 'password' => 'password');
         $this->Auth->loginError = 'No matching user found.';
         $this->Auth->loginAction = array('controller' => 'users', 'action' => 'login');
         $this->Auth->loginRedirect = array('controller' => 'pages', 'action' => 'display', 'home');
         $this->Auth->autoRedirect = false;
         $this->Auth->logoutRedirect = array('controller' => 'users', 'action' => 'login');

         /* Auth will check controller's isAuthorized()
          */
         $this->Auth->authorize = 'controller';

         /* I have no public pages, so I need a better authError
          * than the default 'You are not authorized to access that
          * location.' for users who haven't logged in yet.
          */
         if (!$this->Session->read('User'))
         {
                 $this->Auth->authError = 'Please log in';
         }

         $admin = Configure::read('Routing.admin');
         

Re: Auth ignoring Session, redirecting to login under heavy load.

2009-05-01 Thread j0n4s.h4rtm...@googlemail.com

Setting Security.level from high to medium worked.

It seems like if the webserver is under heavy request by one user,
Security high will kick that session.
Is that right?

Kind regards
 Jonas

On Apr 30, 1:45 pm, Amit Badkas amitrb...@gmail.com wrote:
 Hi,

 What's the security level of your application (you can find this in
 app/config/core.php in 'Security.level' setting)? If it's 'high' then try
 after changing it to 'medium' or 'low'

 Amit

 http://amitrb.wordpress.com/
 http://coppermine-gallery.net/
 http://cheesecake-photoblog.org/
 http://www.sanisoft.com/blog/author/amitbadkas

 On Thu, Apr 30, 2009 at 2:34 PM, Jonas Hartmann 

 j0n4s.h4rtm...@googlemail.com wrote:

  Hello,

  i have an issue with deploying my cake application. Running local on
  Mac OS X it works like charm. After uploading it to a Ubuntu based
  VHost on HostEurope I had some headaches with PLESK and its strange
  standard unix permission setup. After making those things work, I
  still have one problem left:

  I lose my session from time to time under heavy load. This happens
  with either php, cake or database sessions, I have tried all of them.
  It happens when for Instance I run
 http://www.domain.tld/admin/categories/index
   multiple times in Firefox-Tabs at once - thus, if I fire multiple
  http requests very shortly after each other. I have no clue if
  multiple users firing multiple events would lead to the same issue,
  yet (that would be even worse).

  I got the latest SVN head from 1.2 stable and just uploaded it to make
  sure that it is not already fixed / an internal problem.

  I am looking forward to your help/tips in regards to:

  a.) My small controller code, quoted below?
  b.) Debugging tips - how should I continue to understand what the
  problem is?

  I have disabled cache and debugging is on 2.

  This is how I test against routing prefix admin. I do not know if it
  is the best or recommended way. I would welcome suggestions. Best
  would be if the problem would be fixed afterwards

  <?php

  class AppController extends Controller {

         var $helpers = array('Html', 'Form', 'Javascript', 'Time');
         var $components = array('Cookie', 'Session', 'Auth');

         function beforeFilter() {
                 if(isset($this->params['prefix'])) {
                         if($this->params['prefix'] == 'admin') {
                                 Configure::write('debug', 2);
                                 $this->Auth->deny('*');
                                 $this->Auth->allow('login');
                         } else {
                                 $this->Auth->allow('*');
                         }
                 } else {
                         $this->Auth->allow('*');
                 }
         }

  }
  ?>

  Kind regards
   Jonas Hartmann aka ionas/ionas82
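
The behaviour asked about above, as an added example that is not part of the original thread and not CakePHP's own code: in CakePHP 1.2, Security.level 'high' regenerates the session ID between requests, so requests sent in parallel with the same cookie can arrive after that ID has been replaced. The class and function names are hypothetical and the session IDs are constructed.

```php
<?php
// Simplified model of a session store, not CakePHP's own code.
// $rotateEveryRequest = true stands in for Security.level 'high'
// (ID regenerated between requests); false stands in for 'medium'.
class SessionStoreModel {
    private $sessions = array();   // session ID => session data
    private $counter = 0;
    private $rotateEveryRequest;

    public function __construct($rotateEveryRequest) {
        $this->rotateEveryRequest = $rotateEveryRequest;
    }

    // Create a session and return the ID the browser keeps in its cookie.
    public function login($user) {
        $id = $this->newId();
        $this->sessions[$id] = array('User' => $user);
        return $id;
    }

    // Handle one request; returns array(status, ID for the response cookie).
    public function handle($cookieId) {
        if (!isset($this->sessions[$cookieId])) {
            // Unknown ID: no user in the session, so Auth sends the login page.
            return array('redirect-to-login', null);
        }
        if (!$this->rotateEveryRequest) {
            return array('ok', $cookieId);
        }
        // Move the data to a fresh ID and invalidate the old one.
        $newId = $this->newId();
        $this->sessions[$newId] = $this->sessions[$cookieId];
        unset($this->sessions[$cookieId]);
        return array('ok', $newId);
    }

    private function newId() {
        return 'sess-' . (++$this->counter);   // constructed, predictable IDs
    }
}

// Several tabs opened at once: each request leaves the browser carrying the
// same cookie, before any response has delivered a replacement ID.
function openTabsAtOnce($rotateEveryRequest, $tabs = 3) {
    $store  = new SessionStoreModel($rotateEveryRequest);
    $cookie = $store->login('demo-user');
    $statuses = array();
    for ($i = 0; $i < $tabs; $i++) {
        $result = $store->handle($cookie);
        $statuses[] = $result[0];
    }
    return $statuses;
}

echo 'high:   ', implode(', ', openTabsAtOnce(true)), "\n";
echo 'medium: ', implode(', ', openTabsAtOnce(false)), "\n";
```

With rotation on, only the first of the parallel requests finds its session; with rotation off, all of them do.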



Re: Auth ignoring Session, redirecting to login under heavy load.

2009-04-30 Thread Amit Badkas

Hi,

What's the security level of your application (you can find this in
app/config/core.php in 'Security.level' setting)? If it's 'high' then try
after changing it to 'medium' or 'low'

Amit

http://amitrb.wordpress.com/
http://coppermine-gallery.net/
http://cheesecake-photoblog.org/
http://www.sanisoft.com/blog/author/amitbadkas



On Thu, Apr 30, 2009 at 2:34 PM, Jonas Hartmann 
j0n4s.h4rtm...@googlemail.com wrote:


 Hello,

 i have an issue with deploying my cake application. Running local on
 Mac OS X it works like charm. After uploading it to a Ubuntu based
 VHost on HostEurope I had some headaches with PLESK and its strange
 standard unix permission setup. After making those things work, I
 still have one problem left:

 I lose my session from time to time under heavy load. This happens
 with either php, cake or database sessions, I have tried all of them.
 It happens when for Instance I run
 http://www.domain.tld/admin/categories/index
  multiple times in Firefox-Tabs at once - thus, if I fire multiple
 http requests very shortly after each other. I have no clue if
 multiple users firing multiple events would lead to the same issue,
 yet (that would be even worse).

 I got the latest SVN head from 1.2 stable and just uploaded it to make
 sure that it is not already fixed / an internal problem.

 I am looking forward to your help/tips in regards to:

 a.) My small controller code, quoted below?
 b.) Debugging tips - how should I continue to understand what the
 problem is?

 I have disabled cache and debugging is on 2.

 This is how I test against routing prefix admin. I do not know if it
 is the best or recommended way. I would welcome suggestions. Best
 would be if the problem would be fixed afterwards

 <?php

 class AppController extends Controller {

        var $helpers = array('Html', 'Form', 'Javascript', 'Time');
        var $components = array('Cookie', 'Session', 'Auth');

        function beforeFilter() {
                if(isset($this->params['prefix'])) {
                        if($this->params['prefix'] == 'admin') {
                                Configure::write('debug', 2);
                                $this->Auth->deny('*');
                                $this->Auth->allow('login');
                        } else {
                                $this->Auth->allow('*');
                        }
                } else {
                        $this->Auth->allow('*');
                }
        }

 }
 ?>

 Kind regards
  Jonas Hartmann aka ionas/ionas82

 





Auth ignoring Session, redirecting to login under heavy load.

2009-04-30 Thread Jonas Hartmann

Hello,

I have an issue with deploying my cake application. Running local on
Mac OS X it works like a charm. After uploading it to an Ubuntu based
VHost on HostEurope I had some headaches with PLESK and its strange
standard unix permission setup. After making those things work, I
still have one problem left:

I lose my session from time to time under heavy load. This happens  
with either php, cake or database sessions, I have tried all of them.  
It happens when for Instance I run http://www.domain.tld/admin/categories/index 
  multiple times in Firefox-Tabs at once - thus, if I fire multiple  
http requests very shortly after each other. I have no clue if  
multiple users firing multiple events would lead to the same issue,  
yet (that would be even worse).

I got the latest SVN head from 1.2 stable and just uploaded it to make  
sure that it is not already fixed / an internal problem.

I am looking forward to your help/tips in regards to:

a.) My small controller code, quoted below?
b.) Debugging tips - how should I continue to understand what the  
problem is?

I have disabled cache and debugging is on 2.

This is how I test against routing prefix admin. I do not know if it  
is the best or recommended way. I would welcome suggestions. Best  
would be if the problem would be fixed afterwards

<?php

class AppController extends Controller {

        var $helpers = array('Html', 'Form', 'Javascript', 'Time');
        var $components = array('Cookie', 'Session', 'Auth');

        function beforeFilter() {
                if(isset($this->params['prefix'])) {
                        if($this->params['prefix'] == 'admin') {
                                Configure::write('debug', 2);
                                $this->Auth->deny('*');
                                $this->Auth->allow('login');
                        } else {
                                $this->Auth->allow('*');
                        }
                } else {
                        $this->Auth->allow('*');
                }
        }

}
?>

Kind regards
  Jonas Hartmann aka ionas/ionas82




Re: Auth ignoring Session, redirecting to login under heavy load.

2009-04-30 Thread brian

On Thu, Apr 30, 2009 at 5:04 AM, Jonas Hartmann
j0n4s.h4rtm...@googlemail.com wrote:

 Hello,

 i have an issue with deploying my cake application. Running local on
 Mac OS X it works like charm. After uploading it to a Ubuntu based
 VHost on HostEurope I had some headaches with PLESK and its strange
 standard unix permission setup.

OT: I'd appreciate it if you posted a quick message discussing some of
the problems you encountered with Plesk and the solutions you found.
I'll soon be deploying something to a Plesk server and, though I've
found a few comments about that online, I haven't seen much in the way
of answers.

 I lose my session from time to time under heavy load. This happens
 with either php, cake or database sessions, I have tried all of them.
 It happens when for Instance I run 
 http://www.domain.tld/admin/categories/index
  multiple times in Firefox-Tabs at once - thus, if I fire multiple
 http requests very shortly after each other. I have no clue if
 multiple users firing multiple events would lead to the same issue,
 yet (that would be even worse).

 I got the latest SVN head from 1.2 stable and just uploaded it to make
 sure that it is not already fixed / an internal problem.

 I am looking forward to your help/tips in regards to:

 a.) My small controller code, quoted below?
 b.) Debugging tips - how should I continue to understand what the
 problem is?

 I have disabled cache and debugging is on 2.

 This is how I test against routing prefix admin. I do not know if it
 is the best or recommended way. I would welcome suggestions. Best
 would be if the problem would be fixed afterwards

 <?php

 class AppController extends Controller {

        var $helpers = array('Html', 'Form', 'Javascript', 'Time');
        var $components = array('Cookie', 'Session', 'Auth');

        function beforeFilter() {
                if(isset($this->params['prefix'])) {
                        if($this->params['prefix'] == 'admin') {
                                Configure::write('debug', 2);
                                $this->Auth->deny('*');
                                $this->Auth->allow('login');
                        } else {
                                $this->Auth->allow('*');
                        }
                } else {
                        $this->Auth->allow('*');
                }
        }

 }
 ?>

You should never include 'login' in allow().

This is how I have things working:

AppController:
function beforeFilter()
{
        $this->Auth->fields = array('username' => 'email', 'password' => 'password');
        $this->Auth->loginError = 'No matching user found.';
        $this->Auth->loginAction = array('controller' => 'users', 'action' => 'login');
        $this->Auth->loginRedirect = array('controller' => 'pages', 'action' => 'display', 'home');
        $this->Auth->autoRedirect = false;
        $this->Auth->logoutRedirect = array('controller' => 'users', 'action' => 'login');

        /* Auth will check controller's isAuthorized()
         */
        $this->Auth->authorize = 'controller';

        /* I have no public pages, so I need a better authError
         * than the default 'You are not authorized to access that
         * location.' for users who haven't logged in yet.
         */
        if (!$this->Session->read('User'))
        {
                $this->Auth->authError = 'Please log in';
        }

        $admin = Configure::read('Routing.admin');
        if (isset($this->params[$admin]) && $this->params[$admin])
        {
                $this->layout = 'admin';
        }
}

function isAuthorized()
{
        $admin = Configure::read('Routing.admin');
        if (isset($this->params[$admin]) && @isset($this->params['prefix'][$admin]))
        {
                /* see User::login()
                 */
                if ($this->Auth->user('admin') == 0)
                {
                        return false;
                }
        }
        return true;
}

UsersController:

public function login()
{
        if ($user = $this->Auth->user())
        {
                /* All my Groups below 4 are some kind of admin
                 */
                if ($this->Auth->user('group_id') > 3)
                {
                        $this->redirect($this->Auth->loginRedirect);
                }

                /* This User is an admin. You might already have an
                 * 'admin' field in your table. I chose not to so I set it
                 * in Auth's session values.
                 */
                $this->Session->write('Auth.User.admin', 1);

                /* The redirect for an admin can be whatever you need
                 */
                $this->redirect(
                        array(
                                'controller' => 'admin',
                                'action' => 'index',
                                'admin' => 1
                        )
                );
        }
}