Redmine authentication are confused by .illumos.org vs www.
After logging into Redmine via https://illumos.org/login (with stored cookie), subsequently loading a http://www.illumos.org/ URL will show the user as logged out, and vice versa. This is extremely annoying when issue links are provided externally. Maybe there should just be one canonical domain name.
Updated by Matt Lewandowsky about 9 years ago
Ideally, Redmine should be setting a non-secure cookie for .illumos.org as that should work for both HTTP and HTTPS, and also covering all illumos.org subdomains. I could probably do this trivially if I had access to a testing illumos-configured Redmine server.