I am using OJS version 1.30 2003/07/13.
All seemed to be ok, but since we moved OJS to an SSL secure directory of our HTTP server, quite a few users (editors, authors or reviewers) cannot login at all. It is very strange problem and I cannot see the cause.
It works great most of the time, but every now and then a user will be assigned a new session id, between the re-direction from the login page to the correspondent user page, and consequently they see the error msg: “Your session has expired. Please login again.” I do not know how to help these users that before were able to login and now not. Please any clue?
Your session has expired. Please login again.
Moderators: jmacgreg, michael, John, vgabler
Forum rules
This forum is meant for general questions about the usability of OJS from an everyday user's perspective: journal managers, authors, and editors are welcome to post questions here, as are librarians and other support staff. We welcome general questions about the role of OJS and how the workflow works, as well as specific function- or user-related questions.
What to do if you have general, workflow or usability questions about OJS:
1. Read the documentation. We've written documentation to cover from OJS basics to system administration and code development, and we encourage you to read it.
2. take a look at the tutorials. We will continue to add tutorials covering OJS basics as time goes on.
3. Post a question. Questions are always welcome here, but if it's a technical question you should probably post to the OJS Technical Support subforum; if you have a development question, try the OJS Development subforum.
This forum is meant for general questions about the usability of OJS from an everyday user's perspective: journal managers, authors, and editors are welcome to post questions here, as are librarians and other support staff. We welcome general questions about the role of OJS and how the workflow works, as well as specific function- or user-related questions.
What to do if you have general, workflow or usability questions about OJS:
1. Read the documentation. We've written documentation to cover from OJS basics to system administration and code development, and we encourage you to read it.
2. take a look at the tutorials. We will continue to add tutorials covering OJS basics as time goes on.
3. Post a question. Questions are always welcome here, but if it's a technical question you should probably post to the OJS Technical Support subforum; if you have a development question, try the OJS Development subforum.
7 posts
• Page 1 of 1
by kevin » Thu Jun 10, 2004 9:17 pm
I'm not sure where you got that version number from; it looks like a CVS revision number for one particular file, which has no relation to the actual version of OJS.
But anyways, you may want to try this patch for include/common.php , as prior to this patch OJS did not behave well when it could be accessed under multiple domains or through both HTTP and HTTPS.
But anyways, you may want to try this patch for include/common.php , as prior to this patch OJS did not behave well when it could be accessed under multiple domains or through both HTTP and HTTPS.
Kevin
- kevin
- Posts: 338
- Joined: Tue Oct 14, 2003 8:23 pm
Your session has expired. Please login again.
by santy » Sun Jun 13, 2004 2:38 am
Thank you Kevin. The OJS scripts that I sue include in the top:
// $Id: common.php,v 1.30 2003/07/13 23:33:24 kevin Exp $
//
// Open Journal Systems 1.1
// (c) The Public Knowledge Project 2003
// http://www.pkp.ubc.ca
I have applied the patch, but with not too much luck. Users still getting “Your session has expired. Please login again.” I can see that the SID is generated and an entry is added in the tblsessions table and after login the user is really redirect to the user or editor page, but at the end his login is refused. Anyway, thank you for your help.
// $Id: common.php,v 1.30 2003/07/13 23:33:24 kevin Exp $
//
// Open Journal Systems 1.1
// (c) The Public Knowledge Project 2003
// http://www.pkp.ubc.ca
I have applied the patch, but with not too much luck. Users still getting “Your session has expired. Please login again.” I can see that the SID is generated and an entry is added in the tblsessions table and after login the user is really redirect to the user or editor page, but at the end his login is refused. Anyway, thank you for your help.
- santy
by Santy » Mon Jun 14, 2004 9:50 am
Mmm.. I was suspecting something about that.. I would say that we are not re-directing to other URL, but I will investigate further to make sure. Thank you Kevin. I will let you know the outcome. (But I am still wondering why this happens with only a very few number of our users?)
- Santy
by kevin » Mon Jun 14, 2004 7:28 pm
If the problem only occurs with a small number of users, are these users using AOL or another dynamic proxy such that their IP address changes during a session?
There is a security measure in OJS to help prevent session hijacking that will expire a session if a user's IP address changes. You may try disabling this check with a change like:
in include/session.inc.php
There is a security measure in OJS to help prevent session hijacking that will expire a session if a user's IP address changes. You may try disabling this check with a change like:
- Code: Select all
- if($session_ip != $ip) {
+ if(0 && $session_ip != $ip) {
in include/session.inc.php
Kevin
- kevin
- Posts: 338
- Joined: Tue Oct 14, 2003 8:23 pm
7 posts
• Page 1 of 1
Return to OJS Editorial Support and Discussion
Who is online
Users browsing this forum: No registered users and 1 guest