9 Mar
2016
9 Mar
'16
2:29 p.m.
The code where this happens is in:
https://github.com/xwiki/xwiki-platform/blob/master/xwiki-platform-core/xwi…
I have to admit that I do not know much about that corner of XWiki code
some random pointers:
There is some hint that switching IP's might cause the problem, as in:
http://jira.xwiki.org/browse/XWIKI-2463
so maybe setting:
xwiki.authentication.useip=false
in WEB-INF/xwiki.cfg could help.
Then, you can set
xwiki.authentication.protection=none
which should make the problem go away, but of course at the cost that the authenticator
does not check the cookie is encrypted with the given key in xwiki.cfg.
Aside of that I remember having a similar problem some time ago after changing the
xwiki.authentication.validationKey / xwiki.authentication.encryptionKey in xwiki.cfg;
but that vanished after clearing *all* cookies in the browser once. As I understood your
users have already done this, so it is probably not related to this problem.
----- Ursprüngliche Nachricht -----
Von: Tobias Kirchhofer
Am: Wednesday, 09.03.2016, 13:40
An: Xwiki Users
Betreff: Re: [xwiki-users] Login cookie validation hash mismatch! Cookies have been
tampered with
This is the message which appears after 30 minutes:
<http://xwiki.475771.n2.nabble.com/file/n7598389/screenshot_53.png>
"You do not have permission to view the document or to perform that action."
The we have to actively logout and close the browser window. By opening a
new window and navigating to the wiki we can login again.
Our developers say this is most likely a bug in the application. How can we
debug this one?
--
View this message in context:
http://xwiki.475771.n2.nabble.com/Login-cookie-validation-hash-mismatch-Coo…
Sent from the XWiki- Users mailing list archive at Nabble.com.
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users