Skip to Content.
Sympa Menu

en - Re: [sympa-users] AUTHORIZATION REJECT (set) This action is restricted

Subject: The mailing list for listmasters using Sympa

List archive

Chronological Thread  
  • From: Serge Aumont <address@concealed>
  • To: address@concealed
  • Cc: address@concealed
  • Subject: Re: [sympa-users] AUTHORIZATION REJECT (set) This action is restricted
  • Date: Tue, 16 Sep 2008 08:49:18 +0200

Muhammed Sameer wrote:
SAlaam,

Hey these are the logs that are generated once I try to edit a user.


Sep 16 17:56:22 extranet wwsympa[29783]: SympaSession::new()
SympaSession::new ignoring unknown session cookie
Sep 16 17:56:22 extranet wwsympa[29783]: [robot intranet.directi.com] [client
192.168.1.3] [list prj-obox-devalerts] main::do_editsubscriber()
do_editsubscriber(address@concealed)
Sep 16 17:56:22 extranet wwsympa[29783]: [robot intranet.directi.com] [client
192.168.1.3] [list prj-obox-devalerts] main::do_editsubscriber()
do_editsubscriber: may not edit
Salaam

Your session is broken so a new session is started as anonymous user. Sympa session uses several session hijacking prevention method that can be the reason why your session is broken. (doc about session hijacking : http://en.wikipedia.org/wiki/Session_hijacking#Prevention )

Two method used by Sympa can break sessions :

-for each clic the session id is renewed. You can remove this by changing the following line in SympaSession.pm (subroutine store) :
## Renew the session ID in order to prevent session hijacking
my $new_id = &get_random();

to be changed by

my $new_id = $self->{'id_session'}

This is not a patch we will include in Sympa release until we have some technical description of a problem solved by this method.

The second reason that can break sessions is that Sympa check that the client IP adress is unchanged during the session. This may be a problem if you are using NAT, multiple proxy or any other method that may change the @IP of the client.
In such case Sympa logs : "SympaSession::new ignoring session cookie because remote host X.X.X.X is not the original host".

This can be solved applying the following patch : http://sourcesup.cru.fr/cgi/viewvc.cgi/trunk/wwsympa/SympaSession.pm?r1=5107&r2=5142

Let us known what solve your problem. If not anyone of thoses two method solve the problem, please could you check that the value of client cookie sympasession is registered as id_session in session_table.

Serge












Could you look for "ignoring session cookie because remote host..." in you logs. If this record is logued this mean probably that you are using a configuration with proxy, reverse proxy, nat or any other system that chenge the client remotehost so the session is broken and the service is requested as anomymous user.

In order to solve that problem, you may apply the following patch :
http://sourcesup.cru.fr/cgi/viewvc.cgi/trunk/wwsympa/SympaSession.pm?r1=5107&r2=5142



If this is not the problem. You should try to understand the raison why the session broken ("new ignoring unknown session cookie"). If this problem can be reproduced, we would be pleased if you could look at you client cookie "sympa_session" and search it's value in Sympa database, table "session_table" as field "id_session".
Regards,
Muhammed Sameer


--- On Mon, 9/15/08, address@concealed <address@concealed> wrote:

From: address@concealed <address@concealed>
Subject: [sympa-users] AUTHORIZATION REJECT (set) This action is restricted
to list owners.
To: address@concealed
Date: Monday, September 15, 2008, 11:50 PM
Salaam,

Hey everyone, I get this error when i try to set the
reception mode of a user
to 'No Mail'

This is the error
AUTHORIZATION REJECT (set) This action is restricted to
list owners.
This even after me being the listmaster, the same thing
happens even if I am
the list owner.

Not just do I get this, but also, sympa logs me out from
the interface.

Any help will be appreciated.

Thanks in advance,
Regards
Muhammed Sameer
Sysad
directi






Archive powered by MHonArc 2.6.19+.

Top of Page