Bug #62100
closed
I have no session cookie after using FE_SESSION_KEY
100%
Description
I use the FE_SESSION_KEY to use one login with different (out of Browser) applications. Since typo3 version 6.2 I could still login but there is no session Cookie set.
The property
AbstractUserAuthentication::dontSetCookie
is confusing me. If it is FALSE it works. if it is TRUE it doesn't. Unfortunatly it is set inFrontendUserAuthentication::__construct()
to TRUE with the following Comment:
// Disable cookie by default, will be activated if saveSessionData() is called,
// a user is logging-in or an existing session is found
Unfortunatly it is NEVER activated!
And AbstractUserAuthentication::forceSetCookie has no effect!
And saveSessionData() does not exists!
Here is my workaround in TypoScriptFrontendController (of course there are many ways to fix it):
public function initFEuser() {
// ...
if (GeneralUtility::_GP('FE_SESSION_KEY')) {
// ...
if (md5(($fe_sParts[0] . '/' . $this->TYPO3_CONF_VARS['SYS']['encryptionKey'])) === (string)$fe_sParts[1]) {
// ...
$this->fe_user->forceSetCookie = 1;
$this->fe_user->dontSetCookie = FALSE; // THIS IS MY FIX
Updated by Gerrit Code Review about 10 years ago
- Status changed from New to Under Review
Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/34013
Updated by Gerrit Code Review over 9 years ago
Patch set 1 for branch TYPO3_6-2 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/37939
Updated by Nils Heuermann over 9 years ago
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
Applied in changeset 8983b318bed0541c026cb391798244ad560bd3ce.
Updated by