EPrints Technical Mailing List Archive

See the EPrints wiki for instructions on how to join this mailing list and related information.

Message: #09742


< Previous (by date) | Next (by date) > | < Previous (in thread) | Next (in thread) > | Messages - Most Recent First | Threads - Most Recent First

Re: [EP-tech] Login when opening a new tab


Hi James,

That is odd.  I think LDAP may be a red herring.  I suspect that there IP may be changing and this will require them to login again.  It is worth checking the loginticket table for the userid of a user with this issue.  If you see lots of loginticket records for them, especially if ordering by time the IP keeps flipping between two or more IP addresses, then that will be your issue.  If that is the case you will need to set the following configuration option:

$c->{ignore_login_ip} = 1;

Where I have used this recently I have put this under the archive's cfg/cfg.d/ directory and called the file zz_ignore_login_ip.pl to ensure it is not overridden.

The reason for caring about the IP address saying the same is historical back in the day when some repositories did not use HTTPS and therefore the best way to make sure someone had not stolen a user session was to ensure the IP address had not changed.  In the next release (3.4.6) or EPrints things have been changed to not enforce the IP address saying the same to maintain a session, as long as HTTPS is enabled:

https://github.com/eprints/eprints3.4/issues/339

Regards

David Newman


On 03/07/2024 15:05, James Kerwin wrote:
CAUTION: This e-mail originated outside the University of Southampton.
CAUTION: This e-mail originated outside the University of Southampton.
Hi everyone,

Another question. We're on EPrints 3.4.4 and use LDAP login. Team members pointed out today that whenever they follow a link to a login-only page they need to log in to the repository again in order to view it even if they have only just logged in. If they paste the link in their address bar it typically works.

My testing so far suggests any login-only link from the browser requires another login. If I follow it from an Excel/notepad file it lets me view the page.

Can anybody nudge me in the right direction for how to start to solve this?

Example of a login-only page that I attempt to view:


The page it takes me to:


I have investigated the user-login.pl script that comes with this version of EPrints, but it's very different to the LDAP scrip that I have in a file of the same name.

Thanks,
James

*** Options: https://wiki.eprints.org/w/Eprints-tech_Mailing_List
*** Archive: https://www.eprints.org/tech.php/
*** EPrints community wiki: https://wiki.eprints.org/