Instalation of django on:
Linux Debian Sarge 3.1
Python 2.3.5
mod_python 3.1.3 (tested also with 3.1.4)
Apache 2.0.54
Configuration of apache:
<VirtualHost 127.0.0.5:80>
ServerName www.my.com
<Location "/admin/">
SetHandler python-program
SetEnv DJANGO_SETTINGS_MODULE project.settings.admin
PythonHandler django.core.handlers.modpython
PythonInterpreter project_admin
PythonDebug On
</Location>
Alias /media /usr/lib/python2.3/site-packages/django/conf/admin_media/
<Location "/media/">
SetHandler None
</Location>
</VirtualHost>
After going to www.my.com/admin/ and submiting login form I get this:
Traceback (most recent call last):
File "/usr/lib/python2.3/site-packages/django/core/handlers/base.py",
line 60, in get_response
response = middleware_method(request, callback, param_dict)
File "/usr/lib/python2.3/site-packages/django/middleware/admin.py",
line 39, in process_view
if self.user_is_valid(request.user):
File
"/usr/lib/python2.3/site-packages/django/core/handlers/modpython.py",
line 102, in _get_user
user_id = self.session[users.SESSION_KEY]
File
"/usr/lib/python2.3/site-packages/django/middleware/sessions.py", line
14, in __getitem__
return self._session[key]
File
"/usr/lib/python2.3/site-packages/django/middleware/sessions.py", line
44, in _get_session
self._session_cache = s.get_decoded()
File "/usr/lib/python2.3/site-packages/django/models/core.py", line
122, in get_decoded
raise SuspiciousOperation, "User tampered with session cookie."
SuspiciousOperation: User tampered with session cookie.
Problem does not exist with localhost:8000 after running server from
django-admin.py. Setting SESSION_COOKIE_DOMAIN to 'www.my.com' does not
help neither.
