Opened 13 years ago
Closed 13 years ago
#9942 closed defect (worksforme)
The auth_cookie_path option doesn't seem to have any effect
| Reported by: | anonymous | Owned by: | Remy Blank |
|---|---|---|---|
| Priority: | normal | Milestone: | |
| Component: | general | Version: | 0.12-stable |
| Severity: | normal | Keywords: | login cookie auth_cookie_path |
| Cc: | Branch: | ||
| Release Notes: | |||
| API Changes: | |||
| Internal Changes: | |||
Description
There is an option introduced in #8486 and created to share cookies (in particular the auth cookie) between several trac instances. But setting this option doesn't seem to have any effect anymore.
One would expect that setting auth_cookie_path would make trac create cookies with that path set, but it continues to set them with "/name" as the path.
Attachments (0)
Change History (4)
comment:1 by , 13 years ago
comment:2 by , 13 years ago
| Milestone: | → 0.12.2 |
|---|---|
| Owner: | set to |
I'll check that. Can you please paste the relevant part of your trac.ini?
comment:3 by , 13 years ago
The cookie path is set correctly, there is just no support in Trac for handling the cross-project nature of the setting. It was added to support plugins that implement session/auth sharing.
The problem is basically this: The one project where login happens makes the auth token and stores in its database. How should another project be expected to find that record? A request to /login in that project will instead trigger a new local project token overwriting the old cookie.
Example use-case: th:SharedCookieAuthPlugin
comment:4 by , 13 years ago
| Milestone: | 0.12.2 |
|---|---|
| Resolution: | → worksforme |
| Status: | new → closed |
Thanks for checking. That's a "worksforme", then.
Issue confirmed - tried with relative and absolute server path, and with uri as well.