Hi,
I was notified 2 days ago that one of our administrative accounts for MT (MT 4.01) kept getting booted back to the login screen every time a link or action is selected from the dashboard. Today I was notified that our other administrative account is doing the same thing.
Basically, what is happening is that you log in, click a link, get booted, log back in, action from link is performed, and repeat... this makes it pretty much impossible for the administrators to do anything since they would have to log for EVERY link they select.
All of the non-administrative accounts are working properly. I've had several "regular" users log in and perform daily tasks without incident.
I've checked the MT activity log and error log. There is nothing erroneous being revealed. I've also tried rebooting the services (Apache, MySQL) without any luck.
If anyone else has experienced this problem and fixed it, I'd love to know!
Full Version: Admin Accounts Continually Kicked To Login Screen
Check that the domain users are connecting to is the same as CGIPath in mt-config.
Note that www.domain.com/mt/ is different to domain.com/mt/ as far as cookies, and by extension MT security is concerned.
Note that www.domain.com/mt/ is different to domain.com/mt/ as far as cookies, and by extension MT security is concerned.
If ONM's idea doesn't work out, try this, which was a different problem but had some similar behavior:
In mt-config, set:
CookieDomain .domain.com #Using your own domain, obviously
CookiePath /
Then have the people getting booted manually delete their MT user cookie.
Do you have any htaccess rewrite rules in place? I had a similar problem come up when I created one for tag search links to make them prettier, eg domain.com/tag/foo rather than the mt-search.cgi?etc
If you're using multiple MT installations(unlikely), let me know. CookiePath will probably need to be a bit different.
In mt-config, set:
CookieDomain .domain.com #Using your own domain, obviously
CookiePath /
Then have the people getting booted manually delete their MT user cookie.
Do you have any htaccess rewrite rules in place? I had a similar problem come up when I created one for tag search links to make them prettier, eg domain.com/tag/foo rather than the mt-search.cgi?etc
If you're using multiple MT installations(unlikely), let me know. CookiePath will probably need to be a bit different.
I tried the above suggestions without any luck. I also ran checks on my MT database to ensure that there wasn't any corrupt tables, but everything checked out there too... but I will run the repair commands anyways just to make sure.
There are no .htaccess files currently being used.
Things have gotten worse actually. Now all users are having problems getting kicked back to the login screen (previously it was only the admin accounts).
I also tried using the AdminCGIPath setting, but that did not change any results for the admins who are still getting kicked out to the login screen.
It is a single (not multiple) installation of MT.
There are no .htaccess files currently being used.
Things have gotten worse actually. Now all users are having problems getting kicked back to the login screen (previously it was only the admin accounts).
I also tried using the AdminCGIPath setting, but that did not change any results for the admins who are still getting kicked out to the login screen.
It is a single (not multiple) installation of MT.
I ran repairs on the MySQL tables.
It fixed the problem with "regular" users not being able to log in and do things properly. However, admin accounts are still getting kicked.
It fixed the problem with "regular" users not being able to log in and do things properly. However, admin accounts are still getting kicked.
Which browsers?
Can you check the content of the cookies being sent back (FF web developer toolbar is good for this)
Can you check the content of the cookies being sent back (FF web developer toolbar is good for this)
QUOTE (OtherNiceMan @ Jan 24 2008, 04:37 PM) 
Which browsers?
Can you check the content of the cookies being sent back (FF web developer toolbar is good for this)
Can you check the content of the cookies being sent back (FF web developer toolbar is good for this)
Hi again,
At first it was not working in both FF and in IE... well, ever since I downloaded the FF web developer toolbar (good tip by the way), it works in firefox. Go figure.
I've cleared the cookies and other web-related content in both FF and IE countless times, so I'm not sure why it would work all of a sudden (maybe I missed deleting something).
Still doesn't work in IE though with the admin account. My regular account is still fine (in both FF and IE). I have to admit, I'm a little lost on this one, but I think you are on the right track.
For IE I would force the deletion of all cached files and cookies and see if that solves it (manually delete via the file system if need be).
QUOTE (OtherNiceMan @ Jan 25 2008, 11:39 AM)
For IE I would force the deletion of all cached files and cookies and see if that solves it (manually delete via the file system if need be).
Yep, did that... still no luck.
Also, having a new problem. The "body" area to write new entries is not being enabled. You can see it, but when you click on it to enter some text, no cursor appears. So the people who can log in can't actually create new entries.
I'm very close to thinking it's time to re-install and re-configure.
Again I had that problem when I was accessing my site via http://localhost/mt rather than the path in my mt-config file so it still seems to be some sort of cookie / paths issue.
Do you have a Javascript error in IE bottom left with something like a permission denied error.
Do you have a Javascript error in IE bottom left with something like a permission denied error.
I've periodically had the same problem (still unresolved) as Dave-O, and I've seen it (often unresolved) in several other threads on this board. Once a database repair fixed it; other times nothing I've seen has helped.
I was hoping that the issue would be addressed in MT4.1, but it doesn't appear so.
Given the number of people who've had this issue, it seems to me that there should be some solution in the application rather than having users try to address it (often unsuccessfully) over and over.
I was hoping that the issue would be addressed in MT4.1, but it doesn't appear so.
Given the number of people who've had this issue, it seems to me that there should be some solution in the application rather than having users try to address it (often unsuccessfully) over and over.
There can only be a solution once it can be reliably reproduced so that there can be some understanding of the cause. Sending feedback through the feedback form is best at the moment http://www.movabletype.org/feedback.html. Include as much information as possible about your config and blog set up.
Are you publishing to the same directory as your mt-static location for example.
For me I can only reproduce it if I access the site from a url that is different from the one specified in my config file, that is a problem with the way that I configured my system and the way web browsers handle cookies.
Are you publishing to the same directory as your mt-static location for example.
For me I can only reproduce it if I access the site from a url that is different from the one specified in my config file, that is a problem with the way that I configured my system and the way web browsers handle cookies.
QUOTE (OtherNiceMan @ Jan 25 2008, 05:10 PM)
I can only reproduce it if I access the site from a url that is different from the one specified in my config file, that is a problem with the way that I configured my system and the way web browsers handle cookies.
For those of us who prefer to deal with as little back-end stuff as possible, could you maybe provide plain-English instructions on double-checking to ensure that one's config file isn't the source of the problem?
My config file has the CGIPath as http://www.example.com/cgi-bin/mt/ and the StaticWebPath as http://www.example.com/mt-static/, and the blog is published at http://www.example.com. All of my MT files are in http://www.example.com/cgi-bin/mt/ except for the mt-static files, which are in http://www.example.com/mt-static/. Am I doing something wrong?
There have been times when I have to log in again for any action I take, and there are times when everything works smoothly. Once a database repair solved a problem, and ever since then there have been no database errors, but the problem has continued in some form or another. The problem seems to crop up with different browsers and different operating systems, but it's not constant. What's frustrating is that it seems nearly random.
A database repair did help to a certain extent. Most of the users can log in now, and I can log in under the admin account (works in Firefox only) and not get completed booted. However, it is hardly functional and I'm still at a loss as to the actual cause of many of these problems, although it could be javascript-related, database-related or both... so I'm not really narrowing down the problem very quickly.
Consider one of the problems that is happening here. Upon logging in, all javascript seems to be running fine, all images are displayed on the dashboard. Once I select the "write entry" link, the switch almost turns off completely. No more drop-down menus on the editor page, the body text area is completely disabled, etc. However, there weren't any Javascript warnings or errors.
Today I decided to play around with my CGIPath and StaticWebPath a bit. At one point, I did get a Javascript error on the editor page. "Permission denied" for "...mt/mt-static/html/editor-content.html?Cs=utf-8" which is very strange since permissions are the same as they have always been. Not sure if that means anything, but at least I finally had SOME error show up.
I will continue my adventure in hopes to find the cause of and solution to my difficulties.
Consider one of the problems that is happening here. Upon logging in, all javascript seems to be running fine, all images are displayed on the dashboard. Once I select the "write entry" link, the switch almost turns off completely. No more drop-down menus on the editor page, the body text area is completely disabled, etc. However, there weren't any Javascript warnings or errors.
Today I decided to play around with my CGIPath and StaticWebPath a bit. At one point, I did get a Javascript error on the editor page. "Permission denied" for "...mt/mt-static/html/editor-content.html?Cs=utf-8" which is very strange since permissions are the same as they have always been. Not sure if that means anything, but at least I finally had SOME error show up.
I will continue my adventure in hopes to find the cause of and solution to my difficulties.
Just a small update... for anyone that has similar issues.
I was experimenting with different things for a while, and eventually decided to go back to what my "original" config would have been. Also, I removed a few lines of settings from my Apache config file that I thought might cause some conflicts. Rebooted a number of services as well.
The good news is that the editor page seems to be working now for all the users (yay). How long this actually lasts, I don't know.
The admin accounts work fine in Firefox. Actually, they work perfectly in Firefox as far as I know.
The admin accounts STILL get booted to the Login screen with IE.
Back to square 1.
I was experimenting with different things for a while, and eventually decided to go back to what my "original" config would have been. Also, I removed a few lines of settings from my Apache config file that I thought might cause some conflicts. Rebooted a number of services as well.
The good news is that the editor page seems to be working now for all the users (yay). How long this actually lasts, I don't know.
The admin accounts work fine in Firefox. Actually, they work perfectly in Firefox as far as I know.
The admin accounts STILL get booted to the Login screen with IE.
Back to square 1.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.