Re: mystery caching problem

2006-10-03 Thread David Nicol
find out if these people are getting into the system because they're sending a cookie/login string with the right details for the wrong account using one-time-use capability keys that can only be obtained by reading the user's e-mail will prevent erroneous log-ins while reducing the number of cr

Re: mystery caching problem

2006-10-03 Thread Jonathan Vanasco
On Oct 3, 2006, at 4:01 PM, Dondi M. Stroma wrote: One time, two different users reported this problem at roughly the same time. But what is interesting is that not only did they both enter *a* wrong account, they both entered the *same* wrong account! are you sure the login routine is wor

Re: mystery caching problem

2006-10-03 Thread Dondi M. Stroma
Jonathan Vanasco wrote: On Oct 3, 2006, at 1:30 AM, David Emery wrote: Just a shot in the dark, but could it be a problem with your log-in process rather than a caching issue? Like maybe the unique value you're basing the user's identity on isn't quite as unique as you think? I'm going to a

Re: mystery caching problem

2006-10-03 Thread Jonathan Vanasco
On Oct 3, 2006, at 1:30 AM, David Emery wrote: Just a shot in the dark, but could it be a problem with your log-in process rather than a caching issue? Like maybe the unique value you're basing the user's identity on isn't quite as unique as you think? I'm going to agree with this being AT

Re: mystery caching problem

2006-10-02 Thread David Emery
On Date: Mon, 02 Oct 2006 21:18:24 -0400, "Dondi M. Stroma" <[EMAIL PROTECTED]> wrote: > The problem: occasionally, when a user logs in, they end up logging in to > someone else's account! But it happens very, very infrequently, and I've > been unable to even reproduce the problem myself. The ap

Re: mystery caching problem

2006-10-02 Thread Jeff Nokes
- Jeff - Original Message From: Dondi M. Stroma <[EMAIL PROTECTED]> To: modperl@perl.apache.org Sent: Monday, October 2, 2006 6:18:24 PM Subject: mystery caching problem Hi, Before I begin, I want to let you know that I've already poured over all mod_perl/Apache/CGI/perl related

Re: mystery caching problem

2006-10-02 Thread Dondi M. Stroma
Perrin Harkins wrote: Is there a proxy server in front of your mod_perl? You have to be careful to avoid caching of Set-Cookie headers in the proxy. - Perrin Nope...I wish that was the case because it would explain a lot. Occasionally people use anonymous proxies to access our site, but t

Re: mystery caching problem

2006-10-02 Thread Perrin Harkins
Dondi M. Stroma wrote: The problem: occasionally, when a user logs in, they end up logging in to someone else's account! [...] Here's where it get's interesting. CGI.pm has an undocumented method called cache() which, if called, outputs the "Pragma: no-cache" header. I found it confusing, so

mystery caching problem

2006-10-02 Thread Dondi M. Stroma
Hi, Before I begin, I want to let you know that I've already poured over all mod_perl/Apache/CGI/perl related docs, porting guides, mailing list archives, etc. I've read and re-read about the traps and pitfalls of mod_perl. I have "use strict" on, warnings on, and I've quadrouple checked fo