find out if these people are getting into the system because they're
sending a cookie/login string with the right details for the wrong
account
using one-time-use capability keys that can only be obtained by reading
the user's e-mail will prevent erroneous log-ins while reducing the
number of cr
On Oct 3, 2006, at 4:01 PM, Dondi M. Stroma wrote:
One time, two different users reported this problem at roughly the
same time. But what is interesting is that not only did they both
enter *a* wrong account, they both entered the *same* wrong account!
are you sure the login routine is wor
Jonathan Vanasco wrote:
On Oct 3, 2006, at 1:30 AM, David Emery wrote:
Just a shot in the dark, but could it be a problem with your log-in
process
rather than a caching issue? Like maybe the unique value you're basing
the
user's identity on isn't quite as unique as you think?
I'm going to a
On Oct 3, 2006, at 1:30 AM, David Emery wrote:
Just a shot in the dark, but could it be a problem with your log-in
process
rather than a caching issue? Like maybe the unique value you're
basing the
user's identity on isn't quite as unique as you think?
I'm going to agree with this being AT
On Date: Mon, 02 Oct 2006 21:18:24 -0400, "Dondi M. Stroma" <[EMAIL PROTECTED]>
wrote:
> The problem: occasionally, when a user logs in, they end up logging in to
> someone else's account! But it happens very, very infrequently, and I've
> been unable to even reproduce the problem myself. The ap
I'm not sure if this is your problem, but we had a similar issue awhile back.
About a year-and-a-half ago, there was an incremental release of the squid
proxy server that had a major bug in it. I can't remember the details exactly,
but I believe it had something to do with the fact that squid w
Perrin Harkins wrote:
Is there a proxy server in front of your mod_perl? You have to be careful
to avoid caching of Set-Cookie headers in the proxy.
- Perrin
Nope...I wish that was the case because it would explain a lot.
Occasionally people use anonymous proxies to access our site, but t
Dondi M. Stroma wrote:
The problem: occasionally, when a user logs in, they end up logging in
to someone else's account!
[...]
Here's where it get's interesting. CGI.pm has an undocumented method
called cache() which, if called, outputs the "Pragma: no-cache" header.
I found it confusing, so
