[TYPO3-core] RFC #10205: DB session record is only created when user is authenticated
Michael Stucki
michael at typo3.org
Sat Jan 24 01:59:05 CET 2009
Hello Helmut,
> seems like the problem with session data for unauthentivated users will
> be solved with this patch.
>
> But there is still the problem with not beeing able to authenticate as
> backend user (and maybe frontend user), unless clearing the cookies
> after the update to the version with the fixed session fixation issue?
>
> (see: http://bugs.typo3.org/view.php?id=10216)
>
> Unfortunatly it does not happen all the time and not in every TYPO3
> installation, so I'm currently not able to perfectly reproduce this issue.
Could you reproduce this? I really doubt it has to do with our change.
There must be something weird going on if the be_typo_user cookie is
kept for 3 years...
- michael
--
Use a newsreader! Check out
http://typo3.org/community/mailing-lists/use-a-news-reader/
More information about the TYPO3-team-core
mailing list