[ic] CookieLogin Yes

Ed LaFrance interchange-users@icdevgroup.org
Sun Jun 9 12:47:01 2002 

At 04:34 AM 6/9/2002 +0000, you wrote:
>Well - I guess I will have to diable CookieLogin for now, and come back to 
>it later. All other shopping cart functions are working flawlessly when 
>going to the secure server and checkout.
>
>in UserDB.pm there are several tests like so:
>
>if ($Vend::Cfg->{CookieLogin} and
>(!$Vend::Cfg->{DifferentSecure} || ! $CGI::secure)
>)
>
>when testing for cookies on a secure server. I haven't been able to track 
>them all down yet.

The DifferentSecure directive is undocumented, but I'm guessing from the 
code in UserDB.pm that is was intended to be an indicator that secure and 
nonsecure domains for the catalog are different, in which case automatic 
login would be disabled.

In your case secure/nonsecure domains are the same, so I'm not sure what to 
say. I suggest you inquire with your server admin, and failing that (i.e.: 
YOU are the server admin), you could search the mail archives for the 
periodically-posted SSL FAQ's as well as check the online documentation for 
clues.

Is the intended configuration (ssl login), is a cookie being set on your 
client machine at all?

- Ed L.


>If I set SECURE_SERVER to http instead of https it works as expected I 
>guess, at least I receive a prompt telling me it is storing the 
>MV_USERNAME, and MV_PASSWORD on my pc - I assume this is when IC calls the 
>set_cookie rountines in Util.pm
>
>Thanks for the suggestions though....
>
>-Steve
>
>>From: Ed LaFrance <edl@newmediaems.com>
>>Reply-To: interchange-users@icdevgroup.org
>>To: interchange-users@icdevgroup.org
>>Subject: Re: [ic] CookieLogin Yes
>>Date: Sat, 08 Jun 2002 18:25:36 -0700
>>
>>At 12:03 AM 6/9/2002 +0000, you wrote:
>>
>>>>Off the top of my head, no, but I have never claimed to be an expert on
>>>>http servers. You are not the first person who has seen this problem
>>>>though, and I am wondering if there would an interchange.cfg entry which
>>>>would allow the cookie to be set in the desired way under SSL. I can't say
>>>>much more, because I haven't solved the problem for anyone (other than
>>>>making the same suggestion I made to you earlier) and I can't reproduce the
>>>>problem on my own servers.
>>>>
>>>>- Ed L.
>>>Ed,
>>>
>>>I am trying to follow the code in login.html, but am getting lost at the 
>>>form that calls [process secure=1]
>>>
>>>Where is the code for process? - This must be where the cookie is set?
>>>
>>>Thanks,
>>>Steve
>>
>>I think I just answered a separate post of yours on this list that was a 
>>rephrasing of this question.
>>
>>The actual code that sets the cookie is in VENDROOT/lib/Vend/UserDB.pm. 
>>Grep or search that module for 'cookie' and you will find the subroutine. 
>>I believe it's execution is triggered by a login being called with the 
>>value mv_cookie_password being true (yes/1), which is of course the 
>>condition which occurs then 'Automatic Login' is checked on the login form.
>>
>>- Ed L.
>>
>>
>>===============================================================
>>Increase profits from your Interchange store...
>>http://www.newmediaems.com/cgi-bin/nm/software_fus.html
>>===============================================================
>>New Media E.M.S.               Software Solutions for Business
>>463 Main St., Suite D          eCommerce | Consulting | Hosting
>>Placerville, CA  95667         edl@newmediaems.com
>>(530) 622-9421                 http://www.newmediaems.com
>>(866) 519-4680 Toll-Free       (530) 622-9426 Fax
>>===============================================================
>>
>>_______________________________________________
>>interchange-users mailing list
>>interchange-users@icdevgroup.org
>>http://www.icdevgroup.org/mailman/listinfo/interchange-users
>
>
>
>
>_________________________________________________________________
>Join the world's largest e-mail service with MSN Hotmail. 
>http://www.hotmail.com
>
>_______________________________________________
>interchange-users mailing list
>interchange-users@icdevgroup.org
>http://www.icdevgroup.org/mailman/listinfo/interchange-users

===============================================================
Increase profits from your Interchange store...
http://www.newmediaems.com/cgi-bin/nm/software_fus.html
===============================================================
New Media E.M.S.               Software Solutions for Business
463 Main St., Suite D          eCommerce | Consulting | Hosting
Placerville, CA  95667         edl@newmediaems.com
(530) 622-9421                 http://www.newmediaems.com
(866) 519-4680 Toll-Free       (530) 622-9426 Fax
===============================================================