Apologies for the length of this mail but I felt detail was good.
I am trying to find someone to take a paid contract to resolve a cookie issue we have been having with a multi MW installation.
We have a multi-lingual site which utilizes the AuthDrupal extension to allow users to log into Mediawiki through the Drupal CMS. Each language is in a separate sub domain (www.domain.com, es.domain.com, it.domain.com etc)
Rather than have a single Drupal installation and one Mediawiki installation per language we have one of each per language. This is due in the main to multi-lingual problems within Drupal.
So, for example we have:
/public_html (EN Drupal installation) /public_html/wiki (EN Mediawiki installation)
/public_html/languages/it (IT Drupal installation) - accessible through the it.domain.com sub domain /public_html/wiki/languages/it/wiki (IT Mediawiki installation)
/public_html/languages/es (ES Drupal installation) /public_html/wiki/languages/es/wiki (ES Mediawiki installation) - accessible through the es.domain.com sub domain
Cookies are set to expire at the end of a session so closing the browser resets everything.
So to the problem.
Operation of two sites in one browser When a user logs into the primary (EN) site all is well. They are logged into Mediawiki and can use the site as normal. If they then close their browser, re-open it and attempt to log into the Italian (IT) site again all is well and they can browser the it site.
Now, if a user opens a fresh browser, logs into the EN site and then opens a new tab to log into the IT site (it will happen!) there is a problem. The cookies from one site seem to impact the other site. The it site allows the user to log into the it Drupal but not the it Mediawiki. This results in the user clicking through to a wiki page after having logged in and being presented with a ³you aren't logged in screen², not ideal! My suspicion is that in some way the creation of the EN cookies is playing havoc with the operation of the IT site but I can see how. We have them set up to use different domain (domain.com and it.domain.com). Is there maybe something in the PHPSESSID I need to do?
We do seem to also sporadically (I HATE intermittent issues) have users complain that they click on a link and suddenly find themselves logged out but I don¹t know if that is linked or not?
On Oct 4, 2007, at 6:26 AM, Paul Coghlan wrote:
Now, if a user opens a fresh browser, logs into the EN site and then opens a new tab to log into the IT site (it will happen!) there is a problem. The cookies from one site seem to impact the other site. The it site allows the
Have you taken a look at how the cookies are being created with the Web Developer extension for Firefox? You could also examine the HTTP headers with the Tamper Data extension.
mediawiki-l@lists.wikimedia.org