Opera login

[Juan Antonio Ibáñez]

Hello,

   I am having one problem usin authentiacation in my proyect. It works ok on Firefox and Chrome but not on Opera. When I try to log in using Opera browser, authentication always fails but I dont know why. Form data is sent ok as I can see.

Any idea?

Regards

[ozwyzard]

I have come across a similar set of problems:

1) When I use the local intranet for testing, the URL is an <ipaddress>/link, Opera does not let me log in.

2) When I browse to my TG app on the internet, Opera logs me in, but then it does not let me logout.

The later seems to be due to a mismatch in the way TG deletes a cookie versus Opera's expectation.

The correct way to delete a cookie (the way I understand) is for the server to update the cookie's expiration date to a past-date.  Could this be a timezone issue (i.e. a timezone disparity between Opera and TG Server)?

[Alessandro Molina]

How cookies are managed depends on the repoze.who plugin which handles
authentication.
Usually those are delete by setting max_age to 0, doing so the cookie
should expire instantly.

You can probably check the response headers using the developer tools
of your browser to see what the server responds when logout_handler is
called.
You should see a Set-Cookie header to force cookie expiration.

> --
> You received this message because you are subscribed to the Google Groups
> "TurboGears" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/turbogears/-/tVKQUaBIfU8J.
>
> To post to this group, send email to turbo...@googlegroups.com.
> To unsubscribe from this group, send email to
> turbogears+...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/turbogears?hl=en.

[ozwyzard]

LOGIN:

FireFox: WireShark capture for Firefox login on intranet dummy account:
http://pastebin.com/6c5Gfgdj

FireFox: The authtkt cookie sent in the /login_handler HTTP response is honored by Firefox and sent in the /post_login HTTP request.

Opera: WireShark capture for Opera login on intranet dummy account:
http://pastebin.com/pBkQjPde

Opera: The authtkt cookie sent in the /login_handler HTTP response is "stored" by Opera (I checked in the browser's options/cookie tab) but is NOT sent in the /post_login HTTP request.  I deleted the cookie on the browser and retried the request, the result was the same (new cookie stored, but not sent in the request).



LOGOUT:
I do not have traces since (a) the server is on the net, (a) it uses HTTPS.

On Saturday, June 2, 2012 3:19:23 AM UTC-7, Alessandro Molina wrote:

How cookies are managed depends on the repoze.who plugin which handles
authentication.
Usually those are delete by setting max_age to 0, doing so the cookie
should expire instantly.

You can probably check the response headers using the developer tools
of your browser to see what the server responds when logout_handler is
called.
You should see a Set-Cookie header to force cookie expiration.

[Moritz Schlarb]

This should be because TG2 only works with repoze.who-1.x which has this bug in opera: http://bugs.repoze.org/issue89

It doesn't seem to have been fixed up until repoze.who-2.x!

[Alessandro Molina]

I'm working at making repoze.who 2.0 available in the 2.2 tree when
using the new auth configuration layer.

Newly quickstarted applications will already be repoze.who v2 based,
while past applications will have to be upgraded to the new auth layer
(which involves just changing a configuration option in app_cfg.py if
you didn't customize authentication)

This should also fix this issue.

> --
> You received this message because you are subscribed to the Google Groups
> "TurboGears" group.
> To view this discussion on the web visit

> https://groups.google.com/d/msg/turbogears/-/fc1xFr3udMYJ.

[Juan Antonio Ibáñez]

How new auth layer works? What will be the best method to update an existing proyect?

Regards

> turbogears+unsubscribe@googlegroups.com.

[Alessandro Molina]

Auth configuration for 2.2 is explained in development docs:
http://turbogears-dev.readthedocs.org/en/latest/main/Auth/Customization.html

To enable it the "base_config.sa_auth.authmetadata" option must be
present inside app_cfg.py

If it is not available the 2.1 authentication configuration system is
used to keep backward compatibility with existing applications, but it
won't be possible to use repoze.who v2.

Keep in mind that this will only work with 2.2 release, which is not
yet available.
In 2.1 there is no official way to use repoze.who v2

>> > turbogears+...@googlegroups.com.

>> > For more options, visit this group at
>> > http://groups.google.com/group/turbogears?hl=en.
>

> --
> You received this message because you are subscribed to the Google Groups
> "TurboGears" group.
> To view this discussion on the web visit

> https://groups.google.com/d/msg/turbogears/-/AzK8OSuo-zkJ.

>
> To post to this group, send email to turbo...@googlegroups.com.
> To unsubscribe from this group, send email to

> turbogears+...@googlegroups.com.

[ozwyzard]

Thank you for your reply.

[ozwyzard]

Thank you!

[ozwyzard]

Hello,

According to http://bugs.repoze.org/issue89 it is probably because of the triple Set-Cookie headers.

I ported my app to TG 2.2, and repoze.who 2.x.  I still see that the server sends 3 Set-Cookie headers in the login response, and can login using Firefox, but Opera logins fail.

Are you seeing the same problem with repoze.who 2.x?


REQUEST:
POST /login_handler?__logins=0&came_from=%2F HTTP/1.1

RESPONSE:
HTTP/1.0 302 Found
Server: PasteWSGIServer/0.5 Python/2.7
Date: Thu, 11 Oct 2012 06:03:23 GMT
Location: http://192.168.1.2/post_login?__logins=0&came_from=%2F
Content-Length: 299
Content-Type: text/html; charset=UTF-8

Set-Cookie: authtkt="xxxxx!userid_type:unicode"; Path=/
Set-Cookie: authtkt="xxxxx!userid_type:unicode"; Path=/; Domain=192.168.1.2
Set-Cookie: authtkt="xxxxx!userid_type:unicode"; Path=/; Domain=.192.168.1.2

<html>
 <head>
  <title>302 Found</title>
 </head>
 <body>
  <h1>302 Found</h1>
  The resource was found at <a href="http://192.168.1.2/post_login?__logins=0&amp;came_from=%2F">http://192.168.1.2/post_login?__logins=0&amp;came_from=%2F</a>;
you should be redirected automatically.

 </body>
</html>

On Sunday, June 3, 2012 5:42:10 AM UTC-7, Moritz Schlarb wrote:

[Juan Antonio Ibáñez]

May be a problem with the time of your server?

[ozwyzard]

Login and Logouts now working on Opera for me.  May be it was not working earlier with my TG2.2 port because my server was running on a box with IP address (and no domain name).  Thanks.

[León Domingo]

Hi guys,
It may be interesting for someone...

I used to have a problem logging in when the server was localhost (during development), but this doesn't happen anymore with the new version of Opera (12.14).

Regards,
León