Keep getting logged out
Results 1 to 7 of 7

Thread: Keep getting logged out

  1. #1
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683

    Keep getting logged out

    Hi,

    Was wondering if any of the website fundis could help out here.

    http://support.pandasecurity.com/forum

    When logging into the above site it goes fine, however when I navigate it seems to log me out. Cant do much as it will lock you out. I am assuming this is because the session ID is changing for some reason ...

    Could anyone shed some light on this? I don't think this is a browser issue as I have tried it at home and works fine. Cookies are enabled ...

    Thanks
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  2. #2
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    Maybe its a setting in Group Policy...thats why it doesnt happen at home.

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  3. #3
    AO's Filibustier Cheap Scotch Ron's Avatar
    Join Date
    Nov 2008
    Location
    Swamps of Jersey
    Posts
    378
    how is authentication defined in the webconfig for this site/virtual directory?


    fyi... I was able to register, login and browse around. No problems.

    I have tried it at home and works fine
    When u try from home are you logged into the domain?
    Last edited by Cheap Scotch Ron; June 10th, 2009 at 08:56 PM.
    In God We Trust....Everything else we backup.

  4. #4
    Senior Member t34b4g5's Avatar
    Join Date
    Sep 2003
    Location
    Australia.
    Posts
    2,391
    Quote Originally Posted by Cider View Post
    Hi,

    Was wondering if any of the website fundis could help out here.

    http://support.pandasecurity.com/forum

    When logging into the above site it goes fine, however when I navigate it seems to log me out. Cant do much as it will lock you out. I am assuming this is because the session ID is changing for some reason ...

    Could anyone shed some light on this? I don't think this is a browser issue as I have tried it at home and works fine. Cookies are enabled ...

    Thanks
    Greetz.

    Could be cache corruption, it could be coookie session timeout, it could be a problem with the DB..

    Now it shouldn't be the session id changing, simply because once you do a fresh log in the session is stored, if you have the remember me box checked then if you go to the site the next day etc the db checks the sess id against ur userid in the db.

    If the session hash is fine it logs you back in automagically.

    Unless of course the cookie session has been dumbed down in the AdminCP, thus would cause issues like this.
    And i don't suppose you have admin credentials for the site?

    anyhow does it happen under different browsers?

  5. #5
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    anyhow does it happen under different browsers?
    yebo

    Maybe its a setting in Group Policy...that's why it doesn't happen at home.
    We don't use GP here .. I edit my own security policy on the local machine ...

    how is authentication defined in the webconfig for this site/virtual directory?
    explain ...

    And i don't suppose you have admin credentials for the site?
    Our HO admins this site so I can get anything I request to sort it out ...

    Im going to log out of the domain and logon locally to check. doubt it though.
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  6. #6
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    Logged on locally and same results ...
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  7. #7
    AO's Filibustier Cheap Scotch Ron's Avatar
    Join Date
    Nov 2008
    Location
    Swamps of Jersey
    Posts
    378
    explain ...
    I suspect that some users are connecting with the anonymous (or other e.g. impersonate) credentials which allow access and some credentials dont have the privs.
    authentication scheme can be specified in the properties tab for the site under IIS admin. Can also be set in the web.config for the virtual directory or at the site level.

    Post the web.config (located in VD) here. Look in properties tab for VD in IIS admin to see the security settings.
    In God We Trust....Everything else we backup.

Similar Threads

  1. Chrooted SSH Shell - Who Logged In?
    By Striek in forum *nix Security Discussions
    Replies: 4
    Last Post: September 29th, 2005, 07:40 PM
  2. Network Security made easy?
    By Tiger Shark in forum Microsoft Security Discussions
    Replies: 5
    Last Post: January 14th, 2005, 08:47 PM
  3. Get IIS header without being logged and more
    By Tedob1 in forum Microsoft Security Discussions
    Replies: 0
    Last Post: January 7th, 2004, 12:17 AM
  4. Problems staying logged in with Opera
    By Dakyon in forum Site Feedback/Questions/Suggestions
    Replies: 4
    Last Post: October 13th, 2003, 05:58 PM
  5. Logged in as somebody else?
    By powertoad5000 in forum Site Feedback/Questions/Suggestions
    Replies: 3
    Last Post: March 12th, 2003, 06:29 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •