[ic] Re: Odd https/redirect behavior
Janine A Sisk
janine at furfly.net
Thu Sep 30 14:16:50 EDT 2004
On Sep 30, 2004, at 1:53 PM, Greg wrote:
> Janine A Sisk wrote:
>> No one has any ideas? Please tell me I'm not the only one this has
>> ever happened to - I hate that! :)
>> Suggestions on how to go about debugging this are welcome too - I
>> know Perl, but am not familiar with the Interchange source at all.
>> On Sep 29, 2004, at 4:27 PM, Janine A Sisk wrote:
>>> I have had one Interchange site site set up for a few months, and
>>> recently set up a second one on the same system. Things went
>>> swimmingly until I tried to access the admin pages.
>>> On the site that works, if I go to
>>> http://www.site1.com/cgi-bin/shop/admin I get redirected to
>>> https://www.readerscatalog.com/cgi-bin/shop/admin/login.html to log
>>> in, and I stay in https the entire time I'm using the admin pages.
>>> On the new site I don't get redirected to https, and if I put in the
>>> https part manually I get redirected back to http on the next page
>>> load. But https *is* working; I can manually go to
>>> https://www.site2.com/cgi-bin/shop/admin/login.html and it works
>>> just fine.
>>> I have verified that SECURE_SERVER is set correctly, but that's
>>> about as far as I've gotten due to a second problem: it appears
>>> that the login cookie isn't being written or found or something.
>>> Each admin page I go to I have to log in over again. I know cookies
>>> are working in my browser generally, and I can see that this site
>>> has written an MV_SESSION_ID cookie, but perhaps that is a different
>>> one. It's probably related to the above problem somehow.
>>> Any suggestions? If https wasn't working at all I'd know what to
>>> do, more or less, but I've never had a problem like this before.
>>> BTW we are not using virtual hosts; each site has it's own IP
> Did you check your UI_SECURE setting in variable.txt?
It wasn't set, so I set it to 1 like my site that works and restarted
Interchange but it didn't make any difference.
However, this did give me an idea - I diff'ed the variable.txt files
between the site that works and the one that didn't. The key value
turned out to be SECURE_ENABLED, which was also not set. Maybe I
needed both, I didn't to back and try turning off UI_SECURE. But
anyway, it works now.
I'm a bit puzzled as I don't recall setting these things last time; as
far as I know it *just worked*. The only difference between the two
setups is that this time I didn't install any of the demo data. Would
that have caused this?
Anyway, thanks, Greg, for the tip!
More information about the interchange-users