Affects Version/s: 1.3
tomcat 6.0.16 and tomcat 5.5.26 (tried both)
centos 5 server (patched as of 2/15/2008)
firefox 126.96.36.199 and IE 7
Windows XP SP3 (release candidate)
tomcat 6.0.16 (windows service)
Cannot log in using internet explorer on the 1.3 release (was the same in 1.3-m2 and 1.3 rc1) using the war version.
At login screen, if you type in a username and password and click login, the user is redirected back to the site's front page as if you had been logged in, but the login link is still at the top, and the logged in user (username) does not appear at the top as if you'd never logged in.
This happens with the Admin account, superadmin, and any other account when logging in using Internet Explorer. Login works fine with firefox with any account.
XWiki installation is new, using the software described in the environment section.
In the simplest case, here are my installation and procedure in getting this to fail:
Creating a new tomcat instance (catalina base). Insuring tomcat worked without XWiki.
Shut down tomcat.
Unpacked the xwiki enterprise war version 1.3 into my webapps/xwiki folder.
Configured the database settings in WEB-INF/hibernate.cfg.xml.
Configured xwiki authentication settings, including validation key, encryption key (randomly generated) and cookie domain (full name of my site in my case; wiki.c1.hostmyhost.org)
Configured superadmin password.
Configured xwiki.work.dir=../work (I start my tomcat instance from the log directory, so the xwiki log ends up there)
Configured logging properties so that there is verbose (debug level) logging for user interaction (log4j.logger.com.xpn.xwiki.user=debug)
Attempt to log in as superadmin with IE... (doesn't work as described above)
Attempt to log in as superadmin with Firefox, works fine.
Other configurations include using a custom LDAP authentication module that I've written, and again... works in firefox perfectly, does not work in Internet Explorer.
I have defintely tried to clear all of my cookies, etc. I've even gone as far as installing a new Windows XP instance in a VM and trying that site first thing... still no go; so I'm not sure this is a cookie problem, but I can't prove otherwise. This could be a problem wiht security settings in IE, but I have tried a number of things including adding the site to my trusted sites, etc. I simply have never had this work with IE. Any suggestions I would be willing to try with a test instance, etc.
Just to be thourough; other configurations that have been used where this failed (but not done in the simple case above) included using the site over SSL and proxied through apache using proxy_ajp. Same exact results either way. I'll attach some log files of the point in time where the login happens (and it shows superadmin logged in), and my configuration files (minus any sensitive information).