[Moin-user] cookie timeout (repeat)

Karl Auer kauer at biplane.com.au
Sat Jul 7 05:20:02 EDT 2007


On Fri, 2007-07-06 at 18:59 -0700, Roger Haase wrote: 
> If you are not familiar with cookies, a good place to start looking at
> them is to download and install the current version of Firefox.
> [...etc...]

I know about my browser (I use firefox), and I am quite knowledgeable
about cookies. Thanks for all the info, but I am looking for help on
MoinMoin, not my browser.

The reason I asked "where are my cookies" was because there is a
variable called cookie_path in MoinMoin. It seems reasonable to me to
think that this points to a location where MoinMoin (not my browser)
will store information about cookies. A recent response from Thomas
Waldmann implied that too. He said "You need [cookie_path] if the
default path moin uses is not correct for the way you use moin, e.g. if
you run a wiki farm with common users / shared login.

On my system, cookie_path is set to None - what effect, if any, does
this have on cookie handling? What exactly is supposed to be in the
location pointed to by cookie_path? What permissions should this
location have?

Here is my problem: To the best of my ability I have done what the
various help pages say in order to set my cookie_lifetime to something
very large - 48 hours. However, I am still logged out after a much
shorter time. Other people have sent me-too messages, so I am not the
only one with this issue. My question is - why am I logged out? And what
can I do to not, ever, be logged out?

I would be happy if someone could suggest a hack to brute-force a
permanent login, but I would prefer to use the proper method. At
present, the proper method does not appear to be working.

> To have a look at the cookies for the current web page, click on Tools
> > Web Developer > Cookies > View Cookie Information.  Your Moin cookie
> will have the ID Moin_ID.  Make a note of what it looks like when you
> are logged on to Moin (expiration time?), and look again when you get
> logged off.

When logged in, the expiration is given as "at end of session". When not
logged in, there is no cookie.

Note that I am NOT closing my browser window (so the session has not
ended). After some hours of inactivity I refresh the Wiki page or click
on a Wiki link to some other page in the Wiki, the page is displayed as
immutable, and I have to log in again. Is there a difference between how
inactivity is handled and how cookie_lifetime is handled?

Regards, K.

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Karl Auer (kauer at biplane.com.au)                   +61-2-64957160 (h)
http://www.biplane.com.au/~kauer/                  +61-428-957160 (mob)





More information about the Moin-user mailing list