All Links to Resources Are Invalidated During One Edit Session (325944)

CAUSE

CMS 2001 Service Pack 1 (SP1) contains code that automatically renews the authentication token at the half-life of the cookie. For example, if your CMS cookie is set to expire after four hours (240 minutes), the automatic authentication renewal occurs at the beginning of the second hour (240 minutes divided by two).

Because the encoding of the resources is partially based on the authentication token, the encoding for all of the resources changes when the token is renewed. Therefore, the links to all of the resources also change.

Note that only resources in CMS are encoded in this manner, so no other CMS objects have this problem.

WORKAROUND

To work around this problem, use one of the following options:

Use the Server Configuration Application (SCA) to increase the cookie lifetime. When you do this, editors of the site can stay in Edit mode without having their resources changed for a longer time.

If you cannot use the first option, you can reverse the change that SP1 implements. The file that you must modify is located at \\Folder where CMS is installed\Server\Iis_nr\System\Access\Authenticate.inc. You may have to take this file out of read-only mode. Comment out the following lines (lines 120-129):

If Request.Cookies( "AUTH_TOKEN" ) <> "" Then
	Dim SecMgr, strNewToken, strOldToken
	strOldToken = Request.Cookies( "AUTH_TOKEN" )		
	Set SecMgr = AutoSession.Session.GetSecurityManager()	
	strNewToken = SecMgr.RenewCookieIfOld( Request.ServerVariables("REMOTE_ADDR"), strOldToken )
	If (StrComp( strNewToken,strOldToken,0 ) <> 0) Then
		Response.Cookies( "AUTH_TOKEN" ) = strNewToken
		Response.Cookies( "AUTH_TOKEN" ).Path = "/"		
	End If
End If

Remember to change the file back to read-only after you are finished.

All Links to Resources Are Invalidated During One Edit Session (325944)

SYMPTOMS

CAUSE

WORKAROUND