[dokuwiki] Re: Bug? LDAP auth and cookie behaviour

Hi,

- Dokuwiki (Release 2011-05-25a "Rincewind") using LDAP authentication
- user1 logs in to wiki using firefox
- firefox is closed (cookies aren't deleted, default behaviour)
- user2 starts firefox and logs in to wiki using his credentials
- user2 is logged in as user1 althought used his credentials

Is this behaviour as wanted?
Shouldn't dokuwiki create a new cookie for user2?

This is really strange and I have no idea why this should happen.
Firefox might save the session (and thus all cookies), so a second
user reopening the browser will get the session the user before had
(if it hasn't expired on the server yet). But in this case the user
should be logged in right away - no need to relogin. When a login
happens (or fails) all previous login data should be thrown away.

Can you please open a bug report? Please add as much details as
possible on your environment.

I've added all information I could think of in FS#2230.
If you need more information just ask for it.
I'll do further tests and add them to the report.
I hope we can resolve this issue.


Kind regards,
Andrwe
--
DokuWiki mailing list - more info at
http://www.dokuwiki.org/mailinglist

Other related posts: