| ID |
Date |
Icon |
Author |
Author Email |
Category |
OS |
ELOG Version |
Subject |
|
66314
|
Tue Apr 14 22:51:15 2009 |
 | Simon Patton | sjpatton@lbl.gov | Bug fix | All | 2.7.6 | Long cookie content is not handled properly. |
I discovered the infinite loop in 2.7.5 which can happen when a cookie's content is longer that the cookie array
designed to hold it. I also note that this issue has been addressed in 2.7.6, but the solution does not appear
to be correct and it can end up completely confusing the cookie extraction.
In 2.7.5 the code was:
for (i = 0; *p && *p != ';' && *p != '\r' && *p != '\n' ; )
if (i < (int) sizeof(cookie)-1)
cookie[i++] = *p++;
While in 2.7.6 is became:
for (i = 0; *p && *p != ';' && *p != '\r' && *p != '\n';)
if (i < (int) sizeof(cookie) - 1)
cookie[i++] = *p++;
else
break;
This leaves 'p' pointing to the middle of the cookie's content and I can not see that this is corrected in the loop (sorry if I've missed that).
The solution I used to patch 2.7.5 was the following:
for (i = 0; *p && *p != ';' && *p != '\r' && *p != '\n' ; ++p)
if (i < (int) sizeof(cookie)-1)
cookie[i++] = *p;
which simply truncates the contents of the cookie (which is assumed not to be an elogd cookie) but leaves 'p' in the right place to extract the next one. |
|
66797
|
Wed Apr 28 10:38:51 2010 |
 | Niklas | niklas@hoglund.pp.se | Question | Linux | 2.77 | Logout, authentication failure causes "redir" |
When someone logout from my Elog, or the person does not have access to a logbook (due to "Login user =") the person gets a blank webpage with "redir" typed in the upper left corner.
I guess it should redir to some webpage? How can I get it to actually do that? Am I missing something in elogd.cfg?
|
|
359
|
Tue Jun 3 17:51:39 2003 |
| Tomas Rudolf | tomas@mba.be | Question | | | Loging user's activity |
I was wondering if there is a way to have a more detailed log of users'
activities?
Current Logfile = <file> gives a good base for information about
logins/access to 'protected' logbooks.
What we would like to have is information about when a user reads an ELOG
entry (to be able to determine the reaction/response time).
For instance the LOG could look sg like this:
%%user %%datetime %%logbook %%record read/edit/new/delete |
|
830
|
Mon Dec 6 20:05:58 2004 |
| PJ Meyer | pjm@pjmeyer.org | Bug report | Windows | | Login/Password request appears twice |
Have set up 3 top level groups, each with their own password file.
Ever since users have to 'login' twice to get to the appropriate elog.
You click on top level group, get to log book and click on the one you want
and get login/password dialog box, click ok and and you get it again and
then you finally get into the elog book.
Anything I can check on this behavior? |
|
655
|
Thu Aug 5 10:49:21 2004 |
 | Stefan Ritt | stefan.ritt@psi.ch | | All | all | Login/Logout problem with elog and their solution |
Hi everybody,
several people have reported of strange problems concering the login/logout
behaviour of elog. After editing elogd.cfg, they could not logout any more
from a logbook, or they were not able to log in. Here comes some
explanation. If you are not interested in the details, skip to the last section.
The login parameters (user name and password) are sored in cookies, which of
course have to be enabled for the elog site in your browser. Each cookie can
contain an optionsl "path=..." statement, which defines for which subtree in
the URL the cookie is valid. If you use a "global" password file (one where
the "password file = ..." statement is in the [global] section of
elogd.cfg), the elogd server stores a cookie with path "/", so it will apply
to the whole site and therefore to all underlying lobooks. If your password
file is defined in an individual logbook section, the elogd server stores a
cookie with path "/<logbook>", so that it applies only to the specific logbook.
The problem arises now if one moves the password file statement from the
global section to the logbook section or back. The browser might still have
old cookies, whic can override any newly set cookie.
Long story short conclusion: If you observe this behaviour, just delete all
cookies in your browser and you should be fine. I added some additional code
to version 2.5.4 which catches a few cases but unfortunately not all. |
|
265
|
Fri Apr 4 00:50:31 2003 |
| Byron | | Question | | | Login user problem |
When I use the <Login user => option to specify what users I want to be
able to login into the different logbooks it does not seem to work. Is
there something else you are supposed to do to restrict what logbooks users
can log into? |
|
1359
|
Thu Jul 28 17:11:32 2005 |
| Carl Shirey | carl.shirey@pw.utc.com | Question | Linux | 2.6 | Login twice |
Where I work we started to use Elog for our shift carry over log, everyone seems to likes it.
I do have one problem for some reason we have to login twice in order to submit a new entree in
the log. I do have a guest account setup so when we click logon the logon page pops up and you
type in username and password and enter. Then main page pops up and you are still in the guest mode.
Click on logon again and enter everything again and this you get in the edit mode.
I hope you can me with this. |
|
1478
|
Mon Oct 24 14:19:18 2005 |
| Daniel Broers | d.broers@amc.nl | Question | Other | 2.6.0 b4 | Login screen reappears after correct login |
We are running elog perfectly on a solaris machine for some time now.
Except on some client pc's the login screen keeps reappearing after a succesfull login.
We upgraded to version 2.6.0 beta 4 but the problem persists.
Any suggestions? |