Jump to content

Session cookie 'wire_challenge' not getting set on new server


Recommended Posts

Hi PW Gurus...

If anyone can answer this quickly, you'll get a Gold Star. :-)

I need to fix this by tomorrow, Monday, so I hope some brilliant genius has an answer.

I've copied my PW web app to a new account on a Rackspace cloud server, and I have a very strange issue.

When I log in via the backend admin, on the new server, the cookies "wire" and "wire_challenge" get set correctly, and I stay logged in.

In my front end PHP / API scripts, I can log in, and have confirmed via a print_r of the session array that all the session variables are getting set. I get to my "member's home page" correctly (with user data displayed correctly), but when I click on a different link, I get a page not found, which is typical behavior for these pages when someone is not logged in.

When I click back on the /members/ url, it does indeed show that I'm not logged in.

When I examine the cookies, I see the "wire" cookie, but no "wire_challenge" cookie.

The code and db are identical between my old "dev" account, and the new production account, except for the db settings in the config file.. (Two different servers.) I copied the public_html dir via tar.gz and did a mysqldump and restore of the database, in order to pull in the user data records (which doesn't happen with the site export.)

The old server is running PHP 5.4.19, and the new server is running PHP 5.4.20.

I'm using memcache on a second mysql server, but I'm not using SessionDB anyway.

I've confirmed that sessions, logs, cache and files, under assets, are set to 777. (My old server used cPanel with suPHP, so I didn't need to make them world writeable.)

It's very, very odd that the sessions are getting set in the admin, but not the front end API scripts.

Thanks!

Peter

Link to comment
Share on other sites

Dear Wanze,

Your question stimulated my little grey cells, when I looked at the config file.

I'm using two load balancers (one http, one https), and I think it's a session persistence issue

with them.

I've put in a support ticket to see if they can change the persistence method to be 'cookie based',

instead of IP based. I ran into this issue with vBulletin recently.

I didn't think the load balancers were an issue, because I'm only using one web node.

(I'm using the load balancers to create a stable domain IP in DNS, in case the servers

need to be be changed, etc.)

I'll also look at your suggestion, too.

Thanks!!!

Peter

Link to comment
Share on other sites

Dear Adrian, and All,

I believe it was one of the load balancers.

I had two, one for HTTP, and one for HTTPS.

Rackspace just told me that the HTTPS load balancer doesn't support cookie based session persistence.

When I was logged into the admin, I wasn't using SSL, which is why it worked.

After repointing the domain to the server directly, and bypassing the load balancers, the front end app worked.

I'm using SSL on the entire app because it's a business app that needs to be secure.

So now I have to work with Rackspace to see if I can use a load balancer with SSL and cookie persistence.

If I can't... well, there goes the load balancer.

It was just an "IP" convenience anyway, since I wasn't load balancing the logged in sessions.

Very interesting... one learns more every day, one hopes. :-)

Peter

  • Like 2
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...