I've found mention of other people suffering from firewalls messing up drupal logins but none of the offered fixes work for me, so I'm asking for help.
Here's the break down.
I have 2 versions of the same site (used for demos), one on 4.7 one on 5.1 (I am switching back and forward trying to isolate this problem), but I want to be on 5.1.
Internally I can get to my sites no problem, but we have to expose it externally to the outsite world. For that I have some firewall policies and rules to get an internal address showing up outside. This has worked for me in the past and it works for the 4.7 site
BUT
When I switch to the 5.1 version, something doesn't allow any users to log into drupal. The logs say they did ( "Session opened for admin"), but users keep ending up at the login page. If I don't go through the firewall there is no problem everything works as expected.
I'm pretty sure this is a cookie issue, but I don't know how to solve it.
Summary:
Linux, Apache 2, PHP 4.3. + Windows ISA firewall
Both drupal sites (5.1 and 4.7) can be used no problem internally.
4.7 Site is fine through the firewall rule
5.1 site can be navigated through the firewall but can't login as a drupal user.
Any ideas? Solutions? Advice (other than get rid of ISA... company directive sorry)?
Comments
cookie domain
So in the end I have commented out the section in sites/default/settings.php which refers to cookie domain. Now it works.
As I said I have a firewall which is exposing an internal domain to the outside world. This is done through link translations mappings.
This is obviously causing some problems for drupal 5.x (which must be a little more strict that 4.7) due to incorrectly matching cookie domains.
I guess I should go and read what I have just done now I have turned off cookie domains.
Hope this helps other folks