Membership management chunking requires two authentications..
Mailman: 1.1 Python: 1.5.2 OS: Solaris 5.7
I don't know if this has been fixed in the CVS version, but I thought I'd submit it anyways. There seems to be a small authentication bug with the chunking in the membership management page. The page will load up correctly the first time it is accessed with the first chunk size shown. However, when you request a different chunk, it requires a reauthentication and then gives the chunk=0 page instead of the requested chunk. If you then click on the alternate chunk it loads fine. However, the additional click and authentication is annoying.
-- Ted Cabeen http://www.pobox.com/~secabeen secabeen@pobox.com Check Website or finger for PGP Public Key secabeen@midway.uchicago.edu "I have taken all knowledge to be my province." -F. Bacon cococabeen@aol.com "Human kind cannot bear very much reality."-T.S.Eliot 73126.626@compuserve.com
On Mon, Feb 21, 2000 at 01:56:52PM -0600, Ted Cabeen wrote:
I don't know if this has been fixed in the CVS version, but I thought I'd submit it anyways. There seems to be a small authentication bug with the chunking in the membership management page. The page will load up correctly the first time it is accessed with the first chunk size shown. However, when you request a different chunk, it requires a reauthentication and then gives the chunk=0 page instead of the requested chunk. If you then click on the alternate chunk it loads fine. However, the additional click and authentication is annoying.
I have/had the same problem, and i'm using the CVS version...
I just had a closer look and now I know why it behaves this way in my case: our list is accessible at two hostnames which share the exact same website... the hostname that is linked at the membership chunk links is different than the hostname i sometimes use to access the list... so netscape thinks the cookie is for a different host...
which makes me wonder why the chunk links on the admin page have a full http:// link while other links on it don't ?
maybe you are experiencing the same problem? compare the hostname you use to access the admin page with the hostname that's being used in the links to the membership chunks... if they are different, that's the reason why you have to re-enter the password.
Ricardo.
--
In message <20000221221518.A17481@miss-janet.com>, Ricardo Kustner writes:
On Mon, Feb 21, 2000 at 01:56:52PM -0600, Ted Cabeen wrote:
I don't know if this has been fixed in the CVS version, but I thought I'd submit it anyways. There seems to be a small authentication bug with the chunking in the membership management page. The page will load up correctly
the first time it is accessed with the first chunk size shown. However, whe n you request a different chunk, it requires a reauthentication and then gives
the chunk=0 page instead of the requested chunk. If you then click on the alternate chunk it loads fine. However, the additional click and authentication is annoying.
I have/had the same problem, and i'm using the CVS version...
I just had a closer look and now I know why it behaves this way in my case: our list is accessible at two hostnames which share the exact same website... the hostname that is linked at the membership chunk links is different than the hostname i sometimes use to access the list... so netscape thinks the cookie is for a different host...
which makes me wonder why the chunk links on the admin page have a full http:// link while other links on it don't ?
maybe you are experiencing the same problem? compare the hostname you use to access the admin page with the hostname that's being used in the links to the membership chunks... if they are different, that's the reason why you have to re-enter the password.
You're right. However, that doesn't change the bug. The bug is as follows: When you try to access the admin pages with a hostname that you haven't used before, it asks you to reauthenticate for that hostname. This includes when you manually type in a shorter address for the machine(http://lists/ instead of http://lists.uchicago.edu/) That isn't really a bug. Reauthentication for different hostnames is understandable. However, when you are asking for a specific chunk of the membership list and you have to reauthenticate, it ignores your chunk request and always gives chunk 0. Is there a passing problem in the authentication module?
-- Ted Cabeen http://www.pobox.com/~secabeen secabeen@pobox.com Check Website or finger for PGP Public Key secabeen@midway.uchicago.edu "I have taken all knowledge to be my province." -F. Bacon cococabeen@aol.com "Human kind cannot bear very much reality."-T.S.Eliot 73126.626@compuserve.com
On Mon, Feb 21, 2000 at 03:26:48PM -0600, Ted Cabeen wrote:
different hostnames is understandable. However, when you are asking for a specific chunk of the membership list and you have to reauthenticate, it ignores your chunk request and always gives chunk 0. Is there a passing problem in the authentication module?
ah i see... well it's obvious the chunk gets losts, since the reauthenticate page gives you a form and it doesn't include the chunk (which was posted with a GET at first) after posting the entered password... a solution could be to include the chunk var into a hidden field in the (re)authenticate form...
Ricardo.
--
Catching up on some old threads...
"RK" == Ricardo Kustner <ricardo@rixhq.nu> writes:
RK> which makes me wonder why the chunk links on the admin page
RK> have a full http:// link while other links on it don't ?It shouldn't. In fact, I think that all urls generated by mailman ought to be done with relative=1. I'm not quite prepared to make that sweeping change without more thought, but I have fixed the membership management pages to use relative links for the chunks and for the user option links.
-Barry
participants (3)
-
bwarsaw@beopen.com -
Ricardo Kustner -
Ted Cabeen