ommadawn
Posts: 18
|
Posted: 05/03/2012, 5:12 AM |
|
I have just converted a project from 4.3 to 5 and now none of the security is working. I have checked all the restricted options and the security groups etc so there's nothing wrong there and it works when published with CCS 4.3.
Has any one else had this problem?
|
|
|
ommadawn
Posts: 18
|
Posted: 05/03/2012, 5:13 AM |
|
By the way, I can get logged in but get redirected to the log in page when trying to view a restricted page.
|
|
|
ommadawn
Posts: 18
|
Posted: 05/03/2012, 6:19 AM |
|
Think I found the problem. This was in the common.php file.
if (CCGetUserAddr() != $_SERVER["REMOTE_ADDR"]) { CCLogoutUser(); }
which was logging me out. Apparently this is a new session variable which is set in the CCLoginUser function (CCSetSession("UserAddr", $_SERVER["REMOTE_ADDR"]);) as part of CCS 5.
Because I had manually modified my CCLoginUser function it didn't add it during the upgrade process.
Well, that's what I think anyway. Hope this is some use to someone.
|
|
|
DataDoIT
|
Posted: 05/03/2012, 8:28 AM |
|
I'm seeing several issues being reported with that remote server IP
check added to CCS5. I think that should be a configurable option under
Security Settings for the project and not forced. Probably not a well
thought out decision that was made on the developer's part, without
customer input of course.
It will almost certainly cause increased support call volume on some
applications we've deployed using the Remember Me feature.
|
|
|