[imp]
The problem that won't die. (was: Very alarming/strange login
problems)
William Tucker
wtucker at mail.ucf.edu
Fri Feb 7 12:52:47 PST 2003
This is now happening to multiple users - it seems to be OK each time I start apache, then as time goes on, it occurs more and more often. I am grasping at straws now - perhaps I can use a different auth method? Instead of auth'ing through IMP? Right now the system is unusable, and I have had to pull it out of production.
I am including my original message with all its relevant info. The only things that have changed are: gc_prob is now 25, trans_sid is 0, entropy source is /dev/urandom, and php grabs 32 bits from it.
Thanks in advance.
William Tucker
---
horde 2.1, imp 3.1, apache 1.3.27, php 4.1.2, UW imap IMAP4rev1 2002.334, solaris 8
On to the problem. This is taking place on a high load (40K users) mail/web server. When a certain user logs in, she finds herself in the middle of someone else's session.. here are some log snippets (logins/IPs changed):
Jan 27 19:46:42 HORDE [notice] [imp] Login success for user1 [1.1.1.1] to {pegasus.cc.ucf.edu:143} [on line 51 of "/web/horde_2/imp/redirect.php"]
Jan 27 19:48:12 HORDE [notice] [imp] Logout for user1 [2.2.2.2] from {pegasus.cc.ucf.edu:143} [on line 72 of "/web/horde_2/imp/login.php"]
Jan 27 19:48:22 HORDE [notice] [imp] Login success for user2 [2.2.2.2] to {pegasus.cc.ucf.edu:143} [on line 51 of "/web/horde_2/imp/redirect.php"]
Jan 27 19:48:33 HORDE [notice] [imp] Logout for user2 [2.2.2.2] from {pegasus.cc.ucf.edu:143} [on line 72 of "/web/horde_2/imp/login.php"]
user1 is on 1.1.1.1, and user2 is on 2.2.2.2.
When user2 logs in, she finds herself in the middle of user1's session, and has to log out of that session. It seems that user1 is not logging out, and is only closing their browser. Has anyone else seen this behavior?
user1 is not the same username every time, but user2 is the only person complaining of this behavior.
My php.ini settings for sessions are:
session.save_handler = files
session.save_path = /tmp
session.use_cookies = 1
session.name = HORDE
session.auto_start = 0
session.cookie_lifetime = 0
session.cookie_path = /webmail
session.cookie_domain =
session.serialize_handler = php
session.gc_probability = 1
session.gc_maxlifetime = 1440
session.referer_check =
session.entropy_length = 0
session.entropy_file =
;session.entropy_length = 16
;session.entropy_file = /dev/urandom
session.cache_limiter = nocache
session.cache_expire = 180
session.use_trans_sid = 1
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
And I am sure that the cookie_path matches up. Any suggestions at all would be very appreciated.
Thanks in advance,
William Tucker
More information about the imp
mailing list