| Secure cookies prevent login in PHP/Zend [message #175530] |
Tue, 04 October 2011 19:23  |
![nick[1] is currently offline](/forum/theme/default/images/offline.png "nick[1] is currently offline")
nick[1]
Messages: 5
Registered: October 2011
Karma: 0
|
Junior Member |
|
|
Has anyone used the directive session.cookie_secure when also using
Zend_Captcha_Image? When enabled, every time I try to login it fails.
Essentially each request is treated as a new session, therefore
failing the captcha verification even when I type it in correctly. I
have been using Zend_Captcha_Image for several months without any
problems and when the session.cookie_secure directive is removed, it
works fine.
I have tried just using the session.cookie_secure directive in the
php.ini file. (this is not how I'm doing it now, but I included it
here so you know).
Currently I'm calling Zend_Session::setOptions(array('cookie_httponly'
=> true, 'cookie_secure' => true )); in the application bootstrap. I
have turned on & off resources.session.cookie_secure = true to no
avail.
Does anyone have any ideas?
|
|
|
|
| Re: Secure cookies prevent login in PHP/Zend [message #175531 is a reply to message #175530] |
Tue, 04 October 2011 20:01  |
Jerry Stuckle
Messages: 2598
Registered: September 2010
Karma: 0
|
Senior Member |
|
|
On 10/4/2011 3:23 PM, nick wrote:
> Has anyone used the directive session.cookie_secure when also using
> Zend_Captcha_Image? When enabled, every time I try to login it fails.
> Essentially each request is treated as a new session, therefore
> failing the captcha verification even when I type it in correctly. I
> have been using Zend_Captcha_Image for several months without any
> problems and when the session.cookie_secure directive is removed, it
> works fine.
>
> I have tried just using the session.cookie_secure directive in the
> php.ini file. (this is not how I'm doing it now, but I included it
> here so you know).
>
> Currently I'm calling Zend_Session::setOptions(array('cookie_httponly'
> => true, 'cookie_secure' => true )); in the application bootstrap. I
> have turned on& off resources.session.cookie_secure = true to no
> avail.
>
> Does anyone have any ideas?
Are you using a secure request (https) for your page?
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
|
|
|
|
| Re: Secure cookies prevent login in PHP/Zend [message #175532 is a reply to message #175531] |
Tue, 04 October 2011 21:12 |
nick[1]
Messages: 5
Registered: October 2011
Karma: 0
|
Junior Member |
|
|
On Oct 4, 4:01 pm, Jerry Stuckle <jstuck...@attglobal.net> wrote:
> On 10/4/2011 3:23 PM, nick wrote:
>
>
>
>
>
>
>
>
>
>> Has anyone used the directive session.cookie_secure when also using
>> Zend_Captcha_Image? When enabled, every time I try to login it fails.
>> Essentially each request is treated as a new session, therefore
>> failing the captcha verification even when I type it in correctly. I
>> have been using Zend_Captcha_Image for several months without any
>> problems and when the session.cookie_secure directive is removed, it
>> works fine.
>
>> I have tried just using the session.cookie_secure directive in the
>> php.ini file. (this is not how I'm doing it now, but I included it
>> here so you know).
>
>> Currently I'm calling Zend_Session::setOptions(array('cookie_httponly'
>> => true, 'cookie_secure' => true )); in the application bootstrap. I
>> have turned on& off resources.session.cookie_secure = true to no
>> avail.
>
>> Does anyone have any ideas?
>
> Are you using a secure request (https) for your page?
>
> --
> ==================
> Remove the "x" from my email address
> Jerry Stuckle
> JDS Computer Training Corp.
> jstuck...@attglobal.net
> ==================
It is failing for both http & https requests.
Thanks.
|
|
|
|
| Re: Secure cookies prevent login in PHP/Zend [message #175533 is a reply to message #175532] |
Tue, 04 October 2011 23:36 |
Jerry Stuckle
Messages: 2598
Registered: September 2010
Karma: 0
|
Senior Member |
|
|
On 10/4/2011 5:12 PM, nick wrote:
> On Oct 4, 4:01 pm, Jerry Stuckle<jstuck...@attglobal.net> wrote:
>> On 10/4/2011 3:23 PM, nick wrote:
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>> Has anyone used the directive session.cookie_secure when also using
>>> Zend_Captcha_Image? When enabled, every time I try to login it fails.
>>> Essentially each request is treated as a new session, therefore
>>> failing the captcha verification even when I type it in correctly. I
>>> have been using Zend_Captcha_Image for several months without any
>>> problems and when the session.cookie_secure directive is removed, it
>>> works fine.
>>
>>> I have tried just using the session.cookie_secure directive in the
>>> php.ini file. (this is not how I'm doing it now, but I included it
>>> here so you know).
>>
>>> Currently I'm calling Zend_Session::setOptions(array('cookie_httponly'
>>> => true, 'cookie_secure' => true )); in the application bootstrap. I
>>> have turned on& off resources.session.cookie_secure = true to no
>>> avail.
>>
>>> Does anyone have any ideas?
>>
>> Are you using a secure request (https) for your page?
>>
>
> It is failing for both http& https requests.
>
> Thanks.
Are you sure you're using https throughout? It works for me as long as
the page requests are *all* using it.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
|
|
|
|
| Re: Secure cookies prevent login in PHP/Zend [message #175538 is a reply to message #175533] |
Wed, 05 October 2011 15:30 |
nick[1]
Messages: 5
Registered: October 2011
Karma: 0
|
Junior Member |
|
|
On Oct 4, 7:36 pm, Jerry Stuckle <jstuck...@attglobal.net> wrote:
> On 10/4/2011 5:12 PM, nick wrote:
>
>
>
>
>
>
>
>
>
>> On Oct 4, 4:01 pm, Jerry Stuckle<jstuck...@attglobal.net> wrote:
>>> On 10/4/2011 3:23 PM, nick wrote:
>
>>>> Has anyone used the directive session.cookie_secure when also using
>>>> Zend_Captcha_Image? When enabled, every time I try to login it fails.
>>>> Essentially each request is treated as a new session, therefore
>>>> failing the captcha verification even when I type it in correctly. I
>>>> have been using Zend_Captcha_Image for several months without any
>>>> problems and when the session.cookie_secure directive is removed, it
>>>> works fine.
>
>>>> I have tried just using the session.cookie_secure directive in the
>>>> php.ini file. (this is not how I'm doing it now, but I included it
>>>> here so you know).
>
>>>> Currently I'm calling Zend_Session::setOptions(array('cookie_httponly'
>>>> => true, 'cookie_secure' => true )); in the application bootstrap. I
>>>> have turned on& off resources.session.cookie_secure = true to no
>>>> avail.
>
>>>> Does anyone have any ideas?
>
>>> Are you using a secure request (https) for your page?
>
>> It is failing for both http& https requests.
>
>> Thanks.
>
> Are you sure you're using https throughout? It works for me as long as
> the page requests are *all* using it.
>
> --
> ==================
> Remove the "x" from my email address
> Jerry Stuckle
> JDS Computer Training Corp.
> jstuck...@attglobal.net
> ==================
Jerry,
I will double check this with the Sys Admin. I will get back to you as
soon as get a definitive answer.
Thanks,
Nick
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]