[SOLVED] Login fails due to cookie confusion of two OJS installations

I do not know if this has been described anywhere and if it is something one can fix on the OJS side or if its a server configuration problem.

We have two identical OJS installations on the same server: one for production, one for testing. The test system is a mirrored version of the other. I log in to the production system and work. When I then go to the test system, I cannot login. After entering username and password,the login page reloads, the fields are empty again and I am not logged in. There are no error messages. This is independent from the account I try to log in to. I have to delete browser cookies for both OJS instances when this happens.The login only fails with the test system and only, when the cookie of the production system was generated first. It happens in Firefox and Chrome.

Is there something one can change in the generation of the cookie to avoid this? Does anyone with several OJS installations also experience this?

Hi @heike_riegler,

Try changing the session_cookie_name setting in your config.inc.php on one of the two installations. If the cookies are colliding, that’ll resolve it.

Alec Smecher
Public Knowledge Project Team

Hi @asmecher ,

we made the suggested change and it worked. Login is working in both OJS now.

After some discussion with another IT guy, we also concluded why it only occurred one way around but not the other. The login problem was only with the test OJS, because this is a subdomain of our production OJS. The production OJS cookie is valid for its domain and all subdomains, hence the confusion.