Users Not Able To Log On: Likely Cookie Issue
Printed From: Web Wiz Forums
Category: Web Wiz Web App Support Forums
Forum Name: Web Wiz Forums
Forum Description: Support forum for Web Wiz Forums application.
URL: https://forums.webwiz.net/forum_posts.asp?TID=26378
Printed Date: 03 April 2026 at 4:49am
Software Version: Web Wiz Forums 12.08 - https://www.webwizforums.com
Topic: Users Not Able To Log On: Likely Cookie Issue
Posted By: aloha55
Subject: Users Not Able To Log On: Likely Cookie Issue
Date Posted: 07 October 2008 at 5:23pm
I have had an inordinate number of users that have problems staying logged on. They are able to log on but then when they try to post they are kicked back to the logon screen. I have done some investigating through screen-sharing and discovered that:
1) a SessionID is added to all URLs
2) They are using IE
3) They have some sort of Toolbar or AV/Security suite installed
An ideas on how to resolve this?
|
Replies:
Posted By: aloha55
Date Posted: 07 October 2008 at 5:30pm
From the includes/setup_options_inc.asp file, I uncommented the following line.
strCookiePath = "/" 'Uncomment this line if your forum has issues with cookies
Other notes: I am using the forum in a frames situation. There is a top and side navigation frame and the WWF forum is in the main frame.
|
Posted By: 123Simples
Date Posted: 07 October 2008 at 5:38pm
If a session ID or SID number is being added in this is almost a certainly a cookie issue. I personally use Firefox, but have noticed something similar on Internet Explorer 7 myself. I'm sure however there is a fix to this and someone may know where the answer lies
-------------
http://www.123simples.com/" rel="nofollow - Visit 123 Simples Web Design
|
Posted By: aloha55
Date Posted: 07 October 2008 at 5:49pm
Yes, the SID is being added for the problem users.
The forum is located here: wwwroot/forum/
Should my cookie path be /forum/ ?
|
Posted By: 123Simples
Date Posted: 07 October 2008 at 5:58pm
No that is not the issue - the wwwroot folder contains the right path, since anything above the wwwroot should not be visible to the browser
Would you like to give us your forum address or PM me so I can see what you see
-------------
http://www.123simples.com/" rel="nofollow - Visit 123 Simples Web Design
|
Posted By: WebWiz-Bruce
Date Posted: 08 October 2008 at 8:03am
If it were a server issue with the way cookies are set then all users would see an SID number in the address bar.
As this only affects some users, then these users who see the SID number in their address bar do not have cookies enabled on their web browser, or they have security software on their computers that block cookies.
If they do not want to change their security settings then you should get them to whitelist your site so that cookies can be used.
-------------
https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting
https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting
|
Posted By: aloha55
Date Posted: 08 October 2008 at 12:12pm
Bruce:
Thank you kindly for the answer.
Why are
cookies required for WWF logons? Can't the SID be used for session
tracking? If not, then why even have a SID appended to the URLs?
|
Posted By: WebWiz-Bruce
Date Posted: 08 October 2008 at 12:39pm
Cookies are not required for logins although they do help.
Those without cookies enabled will be tracked by sessions, however, if like in your case they are being logged out then it indicates an issue with the server holding sessions and points to issues like the application pool on the server recycling.
You should contact your web host about this and ask them to look into why sessions are not being held on the server.
If you don't have any luck with your web host you can enter the file includes/setup_options_inc.asp and set it so that sessions are held in the database instread, howver this does place extra load on the database and does effect performance.
-------------
https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting
https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting
|
Posted By: aloha55
Date Posted: 08 October 2008 at 1:04pm
Bruce:
I am the server administrator. While we do have some occasional application pool recycling issues, but they are unrelated to this issue.
The server has relatively low usage. How much does it effect performance and why? If sessions are tracked in the database, wouldn't it require only one additional hit to the database to verify the user? Using one global (page level) variable could be used for this purpose.
Wouldn't there be a way to check for cookies being enabled? My original problem is that WWF allows users to use the Log On screen (and show that they are logged on on the next page), but any subsequent page accesses aren't happening as a logged on user.
Would it be possible for the logon to use an intermediary page where it tries to access a cookie set on the logon submisssion page? If the intermediary page found a cookie then it would continue as normal, otherwise show a "Cookies must be enabled error".
Alternatively, try to set a cookie on every page. Then when the user submits their forum login details it would look for that cookie. If it didn't find it on the page where the logon credentials where posted to, then it would show the "Cookies must be enabled error".
I am looking for a solution that is more helpful to the end users. Rather than just having the user "kicked back to the login screen", displaying a message about needing to enable cookies would be more helpful to them.
Thoughts?
|
Posted By: WebWiz-Bruce
Date Posted: 08 October 2008 at 1:13pm
Having sessions saved in the database does effect performance as writing to a database does use allot more resources than just reading and with multiple session updates on many of the pages it does effect performance.
Web Wiz Forums does check that cookies are working after you login just as you mention, which is why after logging in you get the redirect page which shows if you are logged in before being redirected. If an issue exists with cookies or sessions it informs you here. However as users are then kicked later it suggests intermittent session issue with the server that keep getting dropped.
Because of this very few people have login issues whether they have cookies enabled or not and it is very rare that people like yourself complain about cookie issues.
This suggests some type of setup or configuration issue with your installation, either within the forums software or on the server.
Any application pool recycling is not good as sessions are dropped when the application pool recycles. If you have recycling issues on the server place web wiz forums in it's own application pool and set it to recycle once a day in the early hours of the morning. You should also not use multiple worker processes for application pools as sessions can not be passed between the worker processes.
If load balanced web servers or multiple worker processes are used then the only way to hold the session is to store the session in the database.
If you have a support contract with us then you should open a support ticket from your client area account giving URL, forum, and database login details so that we can have some investigate the issue fully.
-------------
https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting
https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting
|
|