Cookies problem

Vijayan.R.A.Reddy vijayan.reddy at tavant.com
Thu Nov 20 12:56:20 UTC 2003


Hello All,

We have a serious problem our customers are facing with our bugzilla
installations.

* Bugzilla is installed in a local intranet site
* It is exposed to customers through an external IP address
* External IP address is blocked for internal employees and external
	customers can not see our intranet bugzilla address
  (Though both are seeing the same single instance).

Now, when a customer files a bug, the bug is filed as another user.
Suddenly, this user sees "Logout <SomeOneelse>'s id" on his footer bar,
and some of the products are hidden for him as <SomeOneelse> is not
authorised to see them.

Clearing cookies/deleting offline contents does NOT help (We suspect
they are coming through proxy servers).

An analysis of "logincookies" table shows that many users are coming In
through only 3 IP addresses, and as they all have one machine each (no
sharing), obviously the addresses are that of proxy servers. In cases,
the same IP is shared between two users.

With this context, how does one users cookie goes to another ? And we
have offered a temporary solution by deleting the logincookies rows for
those userids facing the problem.

Curiously, this issue is not found at-all inside our intranet, where
there are 300+ users have used it for a longtime and found it reliable.

Can someone give us the lead where we should look ? We have Perl
programmers on-board and we can fix it, but where ?

Thanks,
Vijayan.




More information about the developers mailing list