I am getting the same cookie error as other contributors, but having checked many times, I can't seem to work it out. Like Movix, I was uploading with the admin account, which had the same password as a regular user, but that didn't work. I then created a new DF user and couldn't get that to work either. I have checked and rechecked the credentials.

Any ideas?

Ok got a new one for ya. I've been trying to get UU working for a while now. The first error I got was the 403 Forbidden error. Fixed that by adding the cms_security_agents info for UU. Then I had the same cookie errors that was fixed by having UU send the ulogin and user_password fields.

The current problem I'm having is when 'Send Password Securely' is unchecked I get a 401 Unauthorized error in the Debugging tab. So naturally I tried it with 'Send Password Securely' checked and it no longer receives an error in the Debugging tab.

Instead what I'm getting is under the Server Response tab the page that's returned is exactly what you get if you login to DragonFly with incorrect credentials. I've verified several times that the username and password are correctly entered into UU and there are no spaces before or after any of the fields.

I'm only uploading the characterprofiler file without trying anything with admin logins. I figured if I can't get individual character uploads to work why bother. I am using FireFox and it is with an account that also has an identical admin account but the admin password is different.

One thing to note is in admin under modules I have the wowrosterdf module visible to Administrators Only since the GM doesn't want to use wowrosterdf cus it never worked right. I know it won't work with it setup this way but I wanted to keep from changing this until I got some response saying only admins can use this module. At least at that point I'd know that it's recognizing a user that's not an admin.

Is anyone else having a similar problem with it just not accepting correct login info?

DF probably doesn't support the secure password sending

<snip rant about what UU calls 'secure' actually being a big security hole>

Double-check you're sending the right user/pass

PleegWat wrote:DF probably doesn't support the secure password sending

Wouldn't that mean it wouldn't work for anyone who checks the secure password option with wowrosterdf? Previous posts say it works in some cases.

PleegWat wrote:Double-check you're sending the right user/pass

Scarto wrote:I've verified several times that the username and password are correctly entered into UU

My computer is plugged in too and I can browse web sites.

Has anyone ever heard of an update script just for UU that works independently from dragonfly but doesn't require the original version of wowroster to be installed? Seems to me if dragonfly was taken out of the picture for this one thing the problems would disappear and a cms is definitely not necessary for UU updating.

There are a few things that need to be done to get UU to work with DF. First you need to make sure that the dragonflycms security module is allowing the user agent for UU then with in UU you will need to find the correct form id's for the username and password last I checked it was username == ulogin and password us == user_password

The user agent has been inserted into the security_agents table of DF. That fixed the 403 Forbidden error. The ulogin and user_password fields are correct in UU and fixed the cookie issue but it's not accepting a correct username and password. Are there particular web server configurations that can alter how secure passwords are sent/recieved by/from UU? Can it vary by hosting provider or can the hosting provider have anything to do with it at all? My understanding of how UU sends the 'Additional Variables' is just like a browser using hidden HTML form fields. I'm not sure how UU sends passwords securely. I'm guessing via SSL/HTTPS but that's not setup with my current hosting account.

I'm trying not to have to spend the time to make a script just for UU uploads but the more I look into this the more I think that's the only option.

Signed,
Needs Help and Knows It

P.S. This has been by far THE most helpful thread I've found on the topic.

UU sends the password as a md5 hash

One version of DF was compatible with this setting (since it used to work on my test site), but most DF installs did not accept it

DF's security makes it hard to use UU with RosterDF
It might eb something Anaxent and I will have to look at when RosterDF 2.0 is released

PleegWat wrote:DF probably doesn't support the secure password sending

<snip rant about what UU calls 'secure' actually being a big security hole>

Double-check you're sending the right user/pass

I believe it is possible to use UU with https addresses, but it will fail on CA failiure.

I have a new class for UU that I might use to get around that.