I have no familiarity with stacktach, but it sounds like it's trampling data on 
the sessionid cookie (even if it's also setting a beaker.session.stacktach 
cookie).

Your options include running the two at different domains/subdomains (and 
specifying the subdomain as the cookie domain; that needs to be explicit), or 
you can change the Django cookie names using settings:

Session cookie name: 
https://docs.djangoproject.com/en/dev/ref/settings/#session-cookie-name
CSRF cookie name: 
https://docs.djangoproject.com/en/dev/ref/settings/#std:setting-CSRF_COOKIE_NAME

It doesn't sound like you had a CSRF cookie problem though. It is expected 
behavior that if you clear your cookies and don't revisit the login page to get 
a new CSRF token, form POSTs will fail.

    - Gabriel
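
The collision and the two fixes suggested above, as an added example that is not part of the original thread or of either project's code. It models browser cookie storage per RFC 6265 (keyed by name, domain and path, never by port) and assumes, as the reply supposes, that StackTach also writes a cookie named sessionid; the hosts, port 8000, the cookie values and the name horizon_sessionid are constructed.

```python
from http.cookies import SimpleCookie
from urllib.parse import urlsplit


class BrowserJar:
    """Simplified RFC 6265 store: a cookie is keyed by (name, domain, path).
    The port of the responding server is not part of the key."""

    def __init__(self):
        self.store = {}

    def set_from_response(self, url, set_cookie):
        host = urlsplit(url).hostname          # .hostname drops the port
        parsed = SimpleCookie()
        parsed.load(set_cookie)
        for name, morsel in parsed.items():
            host_only = not morsel["domain"]   # no Domain attribute given
            domain = morsel["domain"].lstrip(".") or host
            path = morsel["path"] or "/"
            self.store[(name, domain, path)] = (morsel.value, host_only)

    def cookies_for(self, url):
        parts = urlsplit(url)
        host, path = parts.hostname, parts.path or "/"
        sent = {}
        for (name, domain, cpath), (value, host_only) in self.store.items():
            domain_ok = host == domain or (
                not host_only and host.endswith("." + domain))
            if domain_ok and path.startswith(cpath):
                sent[name] = value
        return sent


def horizon_sees(horizon_url, stacktach_url, horizon_cookie, stacktach_cookie):
    """Log in to Horizon, then StackTach; return what Horizon receives next."""
    jar = BrowserJar()
    jar.set_from_response(horizon_url, f"{horizon_cookie}=horizon-session; Path=/; HttpOnly")
    jar.set_from_response(stacktach_url, f"{stacktach_cookie}=stacktach-session; Path=/")
    return jar.cookies_for(horizon_url)


# Constructed hosts and ports; cookie values are placeholders.
SAME_HOST = ("http://controller.example.test/", "http://controller.example.test:8000/")
SUBDOMAINS = ("http://horizon.example.test/", "http://stacktach.example.test:8000/")

collision = horizon_sees(*SAME_HOST, "sessionid", "sessionid")
# SESSION_COOKIE_NAME = "horizon_sessionid" in Horizon's Django settings (hypothetical name)
renamed = horizon_sees(*SAME_HOST, "horizon_sessionid", "sessionid")
separate_hosts = horizon_sees(*SUBDOMAINS, "sessionid", "sessionid")
```

In the collision case Horizon is sent a session id it never issued, which Django treats as no valid session; in the other two cases Horizon's own session value survives the StackTach login.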

-----Original Message-----
From: Aaron Sahlin [mailto:[email protected]] 
Sent: Friday, October 31, 2014 12:37 PM
To: OpenStack Development Mailing List (not for usage questions)
Subject: [openstack-dev] [Horizon] Cookie collision between Horizon & Stacktach

I was posed this question, but am not familiar with Horizon or StackTach 
cookie management. Anyone know what the issue might be?

Issue: Logging into one site logs you out of the other. (horizon/stacktach)

First I open horizon and notice there are two cookies: csrftoken
(horizon) and sessionid. I log into Horizon, then open up a new tab and log 
into stacktach (same domain, different port). After logging into stacktach, 
there's another cookie created named beaker.session.stacktach.  I go back to 
the horizon dashboard and get logged off after clicking anything. After trying 
to log back in, this error comes up: "Your Web browser doesn't appear to have 
cookies enabled. Cookies are required for logging in." I then clear the cookies 
and am able to log in, but see this error message: "Forbidden (403) CSRF 
verification failed. Request aborted." I go back to the Horizon log in page, 
finally log in, go to stacktach tab and am logged out of that.

Note that stacktach is at a separate port on the controller and uses beaker to 
create the cookie session. I've read that cookies aren't port-specific on the 
same domain name, but should still work with different cookie names. I've also 
tried changing the paths on the stacktach urls, but no luck there either.


_______________________________________________
OpenStack-dev mailing list
[email protected]
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
