Admin stuck at login page

[Keith Edmiston]

PROBLEM: I am attempting to implement the Django Admin on a new project, but when I log in the page simply reloads to the login screen as if nothing was done. It should be noted that if I use incorrect credentials I get the error message as expected.

URLS.py:

from django.conf.urls import patterns, url, include
from django.conf import settings
from bus.certs.views import index

# Uncomment the next two lines to enable the admin:
from django.contrib import admin
admin.autodiscover()

urlpatterns = patterns('',
                       (r'^apps/bus/certs/$', index),
                       (r'^apps/bus/certs/index$', index),
                       (r'^apps/bus/certs/listing/', include('bus.certs.listing.urls')),
                       (r'^apps/bus/certs/application/', include('bus.certs.application.urls')),

                       # Example:
                       # (r'^apps/bus/certs/', include('bus.certs.foo.urls')),

                       # Uncomment the admin/doc line below and add 'django.contrib.admindocs'
                       # to INSTALLED_APPS to enable admin documentation:
                       # (r'^admin/doc/', include('django.contrib.admindocs.urls')),

                       # Uncomment the next line to enable the admin:
                       (r'^apps/bus/certs/admin/', include(admin.site.urls)),
                       )

ADMIN.py:

import django.contrib
import common.models

print 'inside admin.py'

django.contrib.admin.site.register(common.models.Application)

SHELL logs:

** on initial page load:
[12/11/2013 08:16:07] "GET /apps/bus/certs/admin/ HTTP/1.1" 200 48842

** on entry of incorrect credentials:
[12/11/2013 08:17:35] "POST /apps/bus/certs/admin/ HTTP/1.1" 200 49209
[12/11/2013 08:17:35] "GET /apps/bus/certs/static/admin/css/login.css HTTP/1.1" 304 0
[12/11/2013 08:17:35] "GET /apps/bus/certs/static/admin/css/base.css HTTP/1.1" 304 0
[12/11/2013 08:17:35] "GET /apps/bus/certs/static/admin/img/icon_error.gif HTTP/1.1" 304 0
[12/11/2013 08:17:35] "GET /apps/bus/certs/static/admin/img/nav-bg.gif HTTP/1.1" 304 0

** on entry of correct credentials:
[12/11/2013 08:19:16] "POST /apps/bus/certs/admin/ HTTP/1.1" 302 0
[12/11/2013 08:19:17] "GET /apps/bus/certs/admin/ HTTP/1.1" 200 48682

Things I've done/tried:

1. reset the password using the "users[0].set_password('whatever')" command (found here: http://coderseye.com/2007/howto-reset-the-admin-password-in-django.html)
2. deleted all recs in django_sessions table (MySQL db) and verified that session recs are being created on attempts.
   

Any help would be appreciated. Please let me know if there is other info I can provide that I didn't think to provide above.

--
Keith Edmiston

[Tom Evans]

Have you verified that your session cookies are being accepted by the
browser and sent back on subsequent requests?

Cheers

Tom

[Keith Edmiston]

Hi Tom,

Thanks for responding.  I'm not using Session Cookies, but instead am using Session DB (SESSION_ENGINE = 'django.contrib.sessions.backends.db'). 

Not sure if that really answers your question though.  Can you provide me with a best way to verify the session process is working correctly via the browser?  I'm not fully certain how to go about doing that.

BTW, I'm using Django 1.4.

Keith

Tom

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users...@googlegroups.com.
To post to this group, send email to django...@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAFHbX1Jf_fTXWzSQ8Z-YtwNbnhhvtpX97tZ0-FGDe5e2%2Bzxwzg%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.

--
Keith Edmiston
(512)970-7222

[Tom Evans]

On Tue, Nov 12, 2013 at 4:50 PM, Keith Edmiston <ked...@gmail.com> wrote:
> Hi Tom,
>
> Thanks for responding. I'm not using Session Cookies, but instead am using
> Session DB (SESSION_ENGINE = 'django.contrib.sessions.backends.db').
>

I'm not talking about where the session data is stored. If you are
using sessions, you are using cookies.

> Not sure if that really answers your question though. Can you provide me
> with a best way to verify the session process is working correctly via the
> browser? I'm not fully certain how to go about doing that.
>
> BTW, I'm using Django 1.4.
>
> Keith

Sessions work by the server assigning the browser a special session id
to persist in a cookie. On subsequent requests, the same session id is
sent back by the browser to the server, and the server can load the
data stored in previous requests from the session backend.

If the browser does not accept the cookie containing the session id
set by the server, then on subsequent requests no session id is sent
to the server and the server cannot load the data stored in previous
requests.

If you were doing this at a login page, the net result would be that
you seem to authenticate correctly, but then are not logged in on
subsequent requests.

An easy way to check this is to use something like Firebug, Chrome
Inspecter etc to load the login page. At this point, django will send
a "Set-Cookie" header, which will have "sessionid" set in it. Note
down what the session id is at this point.
Complete and submit the form, and check in Firebug what "Cookie"
header your browser sent as a request header on that request. If it is
a different value to before, then the session cookies you are setting
are not being respected by the browser.

A typical reason for this happening is if you have configured your
site as being on a particular hostname, but are serving it/accessing
it from a different name. For instance, if your site sends a cookie
for "foo.bloggs.com", but your site is served from "127.0.0.1", then
your browser will not accept the cookie.

Cheers

Tom

[Keith Edmiston]

Tom,

First let me say "thanks!" for all the good info on session cookies. I must admit that I've had little reason to-date to learn much about them. This helped.

It would appear that something is certainly amiss in this area, but I can't nail down what exactly. If you have additional time to invest in this, I'll post here the info I was able to glean from it all.

Steps taken:

1. Purged my database table "django_session" again.
2. Loaded the login page for the admin (https://local.utexas.edu:8000/apps/bus/certs/admin/)
• Checked that a session rec was created on the table (4bfa24...).
• Checked the SC cookie on Firebug (4bfa24...). By the way, this also shows "local.utexas.edu" in the "Domain" column.
3. Attempted login
• Saw two cookies created on the table (e440f0... & 23378a...).
• Saw a new SC cookie in Firebug (23378a...).

So it seems that there is some weirdness re: the cookie passing, right?  But I'm a bit confused since the Domain column for the cookie seems to recognized the correct local.utexas.edu domain.  Any thoughts? 

Keith

On Tue, Nov 12, 2013 at 11:15 AM, Tom Evans <teva...@googlemail.com> wrote:

Cheers

Tom

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users...@googlegroups.com.
To post to this group, send email to django...@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.

To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAFHbX1KF1Bop9WYDZxFixqo57bxTR3Oi%2B1XzShA8acM%2BjViKjg%40mail.gmail.com.

For more options, visit https://groups.google.com/groups/opt_out.

--
Keith Edmiston
(512)970-7222