[Mailman-Developers] FIX: web admin login failures and cookies
David Walter
dwalter@syr.edu
Fri, 02 Mar 2001 00:25:51 -0500
I have been having difficulty with the admin interface
using mailman v1.1 as shipped with debian potato.
Initially the login works fine for the first time after
creating a new list.
When I leave and return to the list I would have the same
problem as others:
http://mail.python.org/pipermail/mailman-users/2000-July/005550.html
When I started looking at the cookie data I noticed
something.
most cookies in my cookie file have a path = '/'
mailman has a path = /cgi-bin/mailman
Now, I thought about the suggestion when configuring with
apache to set up an alias, this I did so that uri's now look
like:
http://hostname/mailman/listinfo
Notice that this conflicts with the cookie lookup.
When I type in the full uri:
http://hostname/cgi-bin/mailman/listinfo
Voila! I didn't even have to type in the password the first
time.
So, is this path sent as part of the cookie data for a
reason? I mean is there a possibility of an administrator
configuring and installing mailman at more than one cgi path
on the system with the same list names so that there might
be a conflict? If not would it be possible to remove the
path so that it would be consistent?
Is the following the only places that this would affect
grep GetRequestURI Mailman/*/* Mailman/*
Cgi/admin.py:125: 'path' :
Utils.GetRequestURI(defaulturi),
Cgi/admindb.py:104: 'path' :
Utils.GetRequestURI(defaulturi)\
text = Utils.maketext(
'admlogin.txt',
{'listname': list_name,
'path' : Utils.GetRequestURI(defaulturi),
'message' : message,
})
Please cc any reply.
Thanks so much.
Respectfully:
David