OJS OCS OMP OHS

You are viewing the PKP Support Forum | PKP Home Wiki



login and disabled cookies

Are you responsible for making OJS work -- installing, upgrading, migrating or troubleshooting? Do you think you've found a bug? Post in this forum.

Moderators: jmacgreg, btbell, michael, bdgregg, barbarah, asmecher

Forum rules
What to do if you have a technical problem with OJS:

1. Search the forum. You can do this from the Advanced Search Page or from our Google Custom Search, which will search the entire PKP site. If you are encountering an error, we especially recommend searching the forum for said error.

2. Check the FAQ to see if your question or error has already been resolved.

3. Post a question, but please, only after trying the above two solutions. If it's a workflow or usability question you should probably post to the OJS Editorial Support and Discussion subforum; if you have a development question, try the OJS Development subforum.

login and disabled cookies

Postby garde » Thu Mar 16, 2006 12:25 am

Hi,

we are currently setting up our journal at http://ejhi/net/ojs

The problem we experience with the first users, many of them are located in hospitals with very strict settings for their browsers.

The problem is that cookies need to be enabled and the user when logging in does not even get an error message at the moment when cookies aren't enabled and just returns to the login site again without further explanantion.
...and they all come back to me wondering why the login doesn't work.

Obviously they need cookies enabled, but is there an elegant way within OJS to tell them this before the login and/or after the unsuccessful login?

(I thought that this is a common problem, but couldnt find anything in the Forum or FAQs.)

It's a great system!

Kind regards
Sebastian
garde
 
Posts: 17
Joined: Thu Mar 16, 2006 12:16 am

Postby asmecher » Thu Mar 16, 2006 10:34 am

Hi Sebastian,

We're considering adding support for cookie-free sessions (e.g. using a SID URL parameter), but be warned that this has security implications -- you can assume someone else's identity simply by grabbing the SID parameter out of the URL. This will likely make it into the next incremental release as a configuration option with a security disclaimer.

Regards,
Alec Smecher
Open Journal Systems Team
asmecher
 
Posts: 8307
Joined: Wed Aug 10, 2005 12:56 pm


Return to OJS Technical Support

Who is online

Users browsing this forum: No registered users and 3 guests