Evergreen

Auth/session cookie problem results in unwanted redirect on search

Bug #487140 reported by Shawn Boyette
24
This bug affects 4 people
Affects Status Importance Assigned to Milestone
Evergreen
Won't Fix
Medium
Unassigned

Bug Description

In versions of Evergreen through 1.6.0.0, an OPAC search will sometimes result in the user being redirected to the OPAC(?) main page after results begin to display. The workaround is to delete session cookies.

This came out of #486087, which has been closed and marked as a duplicate of this bug.

Galen Charlton (gmc)
Changed in evergreen:
status: In Progress → New
Revision history for this message
Dan Scott (denials) wrote :

Does this problem occur when the session for an authtoken associated with the "ses" session cookie has timed out, but the browser believes that the session is still active? The cookie now gets deleted automatically when the browser is closed, but some people leave their browsers running for days on end.

I was poking around /openils/var/web/opac/common/js/opac_utils.js and this seems like the likely location of the problem, but I hope to be able to reproduce the problem efficiently so that debugging can be a bit more efficient. If anyone has more information, that would be helpful.

James Fournie (jfournie)
Changed in evergreen:
status: New → Confirmed
Revision history for this message
James Fournie (jfournie) wrote :

I just got this when doing some apache restarty things on a dev server. It happened in Chrome on Mac. I checked the ses cookie and then ran request open-ils.auth open-ils.auth.session.retrieve on it and it said there was no session.

I can't really recreate it but it has happened a few times and seems to happen when I am doing things which require a combination of logging in and out of EG web interfaces and restarting or reloading apache.

~J

Revision history for this message
Jason Stephenson (jstephenson) wrote :

Given the age of the bug and that JSPAC is soon to be deprecated, I've setting to Won't Fix.

Changed in evergreen:
status: Confirmed → Won't Fix
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.