Re: Recurrent "session expired" notices



Hi Malcolm and Gene,

Before I respond to your email:
  I have added information on using multiple Firefox profiles to
    http://www.sbts.com.au/lsmb/addons.php
  There is a downloadable copy of the userChrome.css file there too.
That information is more concise than what is found below.


This is expected behavior for all recent versions of LedgerSMB.
It is to help prevent a variety of security attacks, but is also a limitation of most browsers' implementation of httpauth.

Very simplistically, any given browser can only have one "auth'ed" session open at a time. Hence any attempt to switch between sessions will re-request a password. There is actually a lot more going on behind the scenes, but Chris T would have to provide detail on that as I would only muddy the waters.

Certainly with Firefox, Gene's suggestion of running Firefox under two or more system users is not necessary.
It is possible to run Firefox with different "Profiles".

This is done by first creating a new Profile by running....
	firefox -ProfileManager -no-remote
You can start it with a specific Profile by running....
	firefox -P "profilename" -no-remote

The -no-remote option opens a new instance, not a new window in a running instance. Without this option the Profile Manager will not start if there is already an instance of Firefox running.

I would suggest creating a userChrome.css file in the new Profile with the following content.
>>>> START userChrome.css
@namespace url("http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul");
/* set default namespace to XUL */
/* The @namespace url(".........."); line is a single line */

#urlbar {
   font-family: monospace !important;
   color: navy !important;
   background-color: green !important;
}

menubar, menubutton, menulist, menu, menuitem, menupopup {
   color: navy !important;
   background-color: lightgreen !important;
}
<<<< END userChrome.css

If you customise the colors to suit yourself, and use different colors for each profile, it makes it obvious that you are running a different profile, as the menubar background and font will change color, as will the urlbar font.

If you don't make these changes to userChrome.css the differences between profiles are more subtle, the main visible difference being that you will likely have different bookmarks.

There is another issue with Gene's suggestion of multiple system users: while it will likely work just fine if you run
  ssh ..hidden.. -Y firefox
running
  su username firefox
probably won't work on most modern systems that are secure as XAUTH will fail. There are ways around this, but none of them are simple to implement for the uninitiated.

I have added information on using multiple Firefox profiles to
   http://www.sbts.com.au/lsmb/addons.php
There is also a downloadable copy of the userChrome.css file there too.


Regards
David Godfrey

ERACC Subscriptions wrote:
On Saturday 08 May 2010 Malcolm wrote:

I'm running LedgerSMB 1.2.21 on Ubuntu 10.04.  I frequently need to
have two or more databases open in different tabs of my browser.
Until recently, this did not seem to cause a problem.  Now,
however, whenever I switch from one tab to the other I get a
"session expired" notice as soon as I try to do
anything.  Re-entering the password gets me back in, but when I
switch back to the other tab the same thing occurs.  This happens
with Chrome, Firefox and Konqueror.

If I open the databases in different browsers I can switch between
them quite happily, which makes me think that a second session may
be deleting or overwriting a cookie needed by the first session to
remain active.

Is there a fix for this, apart from collecting as many browsers as
one needs databases opened simultaneously!

That is an interesting question. Personally, I would create separate users on my Linux system and open browsers under those users to do this. Here is the method I would use:

 * Create a second, third, etcetera Linux user account(s).
 * Login to my primary user account on the Linux system.
 * Open Firefox and login to LedgerSMB as a user for a database I
   designate(!) to be for my primary Linux user.
   (! Mentally designate that is.)
 * Open a terminal window such as xterm.
 * Use "su - user2name" to login to my second user account. Where
   "user2name" would be replaced with the actual login name for that
   user.
 * Start Firefox in the xterm window for that user and login to the
   LedgerSMB user and database I have mentally assigned to that user.
 * Repeat as needed for additional users and databases.

This will keep the sessions separate even should they all use a similar cookie. This is accomplished because each user on the system has his own directory. Note that I do not use Ubuntu and am presuming this works on Ubuntu. Since the 'buntu folk do stuff rather odd by avoiding su in favor of sudo one may need to figure out how to do this using sudo.

Gene Alexander