-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
jidanni@jidanni.org wrote:
Is it "just my imagination" or does upgrading MediaWiki somehow cause users to need to login again? Does it toss its cookies?
Upgrading MediaWiki could update the User class to an incompatible version, which would cause existing User objects cached in memcached/APC/eAccelarator/etc to be invalidated.
I don't believe this would break a session, however; the object should be recreated fresh, authenticated from the login token in the session. If it's a reproducible problem, it should be possible to track it down.
Double-check that it's not a basic problem with sessions; for instance sessions in memcached being broken by an upgrade process that includes restarting memcached, or some change to the memcached hashing (which shouldn't have happened); or an unrelated update to PHP wiping old session data; or the newer MediaWiki version simply using a different session name than the old one.
- -- brion