Reverse proxing through apache where backend server users cookie
authentication
Rajiv Ranjan 6 August 2005 00:54:14
Hi Guys,
I am trying to use apache as my reverse proxy for my backend server which uses
Cookie based authentication.
I am using mod_rewrite for the proxing part and am able to come till the login page.
But am unable to login to the system.
I suspect that it has something to do with the cookies not being reverse proxied or something.
I am using Apache 2..0.54 on a windows XP system.
Can anyone please tell me what probably could be the issue with my configuration?
Regards,
Rajiv.
---- Disclaimer ---- This is a confidential email. Tesco may monitor and record all emails. The views expressed in this email are those of the sender and not Tesco. Tesco Stores Limited, Tesco House, Delamare Road, Cheshunt, Herts, EN8 9SL: company number 519500.
-----Original Message----- From: Ranjan, Rajiv [mailto:Rajiv.Ranjan@in.tesco.com] Sent: Montag, 18. Juli 2005 11:54 To: users@httpd.apache.org Subject: [users@httpd] Reverse proxing through apache where backend server users cookie authentication
Hi Guys,
I am trying to use apache as my reverse proxy for my backend server which uses Cookie based authentication.
I am using mod_rewrite for the proxing part and am able to come till the login page. But am unable to login to the system. I suspect that it has something to do with the cookies not being reverse proxied or something.
I am using Apache 2..0.54 on a windows XP system.
Can anyone please tell me what probably could be the issue with my configuration?
Regards, Rajiv.
---- Disclaimer ---- This is a confidential email. Tesco may monitor and record all emails. The views expressed in this email are those of the sender and not Tesco. Tesco Stores Limited, Tesco House, Delamare Road, Cheshunt, Herts, EN8 9SL: company number 519500.
This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please notify the sender urgently and then immediately delete the message and any copies of it from your system. Please also immediately destroy any hardcopies of the message. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. The sender's company reserves the right to monitor all e-mail communications through their networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorised to state them to be the views of the sender's company.
--------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org
I added CO flag to my rewrite rule and checked in the browser to see if the cookies were created. They were not.
I am sending you the conf snippet I am using. Can you please tell where am I going wrong in it?
<VirtualHost <apache server iport>> ServerName <apache server ip> ProxyVia on RewriteEngine on RewriteLog logs/rajiv_rewrite.log RewriteLogLevel 9 Redirect / http://<apache server iport >/wps/portal RewriteRule ^/wps(.*) http://<my backend server ip and port>%{REQUEST_URI} /http/<apache server iport>/wps/portal/$1 [P,CO=JSESSIONID:%{HTTP_COOKIE}:<backend server domain, eg -.dev01.tesco.org>,CO=LtpaToken:%{HTTP_COOKIE}:.dev01.tesco.org] </VirtualHost>
_Rajiv
-----Original Message----- From: Boyle Owen [mailto:Owen.Boyle@swx.com] Sent: Monday, July 18, 2005 4:25 PM To: users@httpd.apache.org Subject: RE: [users@httpd] Reverse proxing through apache where backend server users cookie authentication
Plain text please...
The cookie is probably in the response so gets to the browser, but then does not get back to teh server via the RewriteRule.
-----Original Message----- From: Ranjan, Rajiv [mailto:Rajiv.Ranjan@in.tesco.com] Sent: Montag, 18. Juli 2005 11:54 To: users@httpd.apache.org Subject: [users@httpd] Reverse proxing through apache where backend server users cookie authentication
Hi Guys,
I am trying to use apache as my reverse proxy for my backend server which uses Cookie based authentication.
I am using mod_rewrite for the proxing part and am able to come till the login page. But am unable to login to the system. I suspect that it has something to do with the cookies not being reverse proxied or something.
I am using Apache 2..0.54 on a windows XP system.
Can anyone please tell me what probably could be the issue with my configuration?
Regards, Rajiv.
---- Disclaimer ---- This is a confidential email. Tesco may monitor and record all emails. The views expressed in this email are those of the sender and not Tesco. Tesco Stores Limited, Tesco House, Delamare Road, Cheshunt, Herts, EN8 9SL: company number 519500.
This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please notify the sender urgently and then immediately delete the message and any copies of it from your system. Please also immediately destroy any hardcopies of the message. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. The sender's company reserves the right to monitor all e-mail communications through their networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorised to state them to be the views of the sender's company.
--------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org
This e-mail is from outside Tesco - check that it is genuine. Tesco may monitor and record all e-mails.
--------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org
There is no reason that your cookie should be lost on it's way between the browser and the backend server. You do not need to do anything in particular to have the cookie forwarded to the application even when using rewrite rules for reverse proxying. Cookies are end-to-end headers and are not modified by Apache unless you do something peculiar in your configuration.
If the cookies are not included in requests from the browser, chances are that the browser does not send them. That can happen for several reasons: 1. The cookie domain does not match the domain of your site. 2. The cookie path does not match the path of the request. 3. The backend server does not set any cookies. 4. The secure cookie flag is set and the connection is not HTTPS.
You can check that by sniffing the HTTP exchanges between reverse proxy and backend server, or by using a browser tool like HTTPWatch.
-ascs
-----Original Message----- From: Ranjan, Rajiv [mailto:Rajiv.Ranjan@in.tesco.com] Sent: Monday, July 18, 2005 1:50 PM To: users@httpd.apache.org Subject: RE: [users@httpd] Reverse proxing through apache where backend server users cookie authentication
Hi Boyle,
I added CO flag to my rewrite rule and checked in the browser to see if the cookies were created. They were not.
I am sending you the conf snippet I am using. Can you please tell where am I going wrong in it?
<VirtualHost <apache server iport>> ServerName <apache server ip> ProxyVia on RewriteEngine on RewriteLog logs/rajiv_rewrite.log RewriteLogLevel 9 Redirect / http://<apache server iport >/wps/portal RewriteRule ^/wps(.*) http://<my backend server ip and port>%{REQUEST_URI} /http/<apache server iport>/wps/portal/$1 [P,CO=JSESSIONID:%{HTTP_COOKIE}:<backend server domain, eg -.dev01.tesco.org>,CO=LtpaToken:%{HTTP_COOKIE}:.dev01.tesco.org] </VirtualHost>
_Rajiv
-----Original Message----- From: Boyle Owen [mailto:Owen.Boyle@swx.com] Sent: Monday, July 18, 2005 4:25 PM To: users@httpd.apache.org Subject: RE: [users@httpd] Reverse proxing through apache where backend server users cookie authentication
Plain text please...
The cookie is probably in the response so gets to the browser, but then does not get back to teh server via the RewriteRule.
-----Original Message----- From: Ranjan, Rajiv [mailto:Rajiv.Ranjan@in.tesco.com] Sent: Montag, 18. Juli 2005 11:54 To: users@httpd.apache.org Subject: [users@httpd] Reverse proxing through apache where backend server users cookie authentication
Hi Guys,
I am trying to use apache as my reverse proxy for my backend server which uses Cookie based authentication.
I am using mod_rewrite for the proxing part and am able to come till the login page. But am unable to login to the system. I suspect that it has something to do with the cookies not being reverse proxied or something.
I am using Apache 2..0.54 on a windows XP system.
Can anyone please tell me what probably could be the issue with my configuration?
Regards, Rajiv.
--------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org
I suspect that it has something to do with the cookies not being reverse> proxied or something.
You may need the ProxyPassReverseCookieDomain and/or ProxyPassReverseCookiePath directives. If your version of mod_proxy doesn't support them, upgrade or patch it.
-- Nick Kew
--------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org
There is no reason that your cookie should be lost on it's > way between the browser and the backend server. You do not > need to do anything in particular to have the cookie > forwarded to the application even when using rewrite rules > for reverse proxying. Cookies are end-to-end headers and are > not modified by Apache unless you do something peculiar in > your configuration.
Thanks for clarifying that.
Rgds, Owen Boyle Disclaimer: Any disclaimer attached to this message may be ignored.
If the cookies are not included in requests from the browser, > chances are that the browser does not send them. That can > happen for several reasons:> 1. The cookie domain does not match the domain of your site.> 2. The cookie path does not match the path of the request.> 3. The backend server does not set any cookies.> 4. The secure cookie flag is set and the connection is not HTTPS.>
You can check that by sniffing the HTTP exchanges between > reverse proxy and backend server, or by using a browser tool > like HTTPWatch.>
-ascs>
-----Original Message-----> From: Ranjan, Rajiv [mailto:Rajiv.Ranjan@in.tesco.com] > Sent: Monday, July 18, 2005 1:50 PM> To: users@httpd.apache.org> Subject: RE: [users@httpd] Reverse proxing through apache > where backend server users cookie authentication>
Hi Boyle,>
I added CO flag to my rewrite rule and checked in the > browser to see if the cookies were created. They were not.>
I am sending you the conf snippet I am using. Can you please > tell where am I going wrong in it?>
<VirtualHost <apache server iport>>> ServerName <apache server ip>> ProxyVia on> RewriteEngine on> RewriteLog logs/rajiv_rewrite.log> RewriteLogLevel 9> Redirect / http://<apache server iport >/wps/portal> RewriteRule ^/wps(.*) > http://<my backend server ip and port>%{REQUEST_URI}> /http/<apache server iport>/wps/portal/$1 > [P,CO=JSESSIONID:%{HTTP_COOKIE}:<backend server domain, eg -> .dev01.tesco.org>,CO=LtpaToken:%{HTTP_COOKIE}:.dev01.tesco.org]> </VirtualHost>>
_Rajiv>
-----Original Message-----> From: Boyle Owen [mailto:Owen.Boyle@swx.com]> Sent: Monday, July 18, 2005 4:25 PM> To: users@httpd.apache.org> Subject: RE: [users@httpd] Reverse proxing through apache > where backend server users cookie authentication>
Plain text please...>
The cookie is probably in the response so gets to the > browser, but then does not get back to teh server via the RewriteRule.>
I think you might have to copy the cookie explicitly. Check
-----Original Message----- From: Ranjan, Rajiv [mailto:Rajiv.Ranjan@in.tesco.com] Sent: Montag, 18. Juli 2005 11:54 To: users@httpd.apache.org Subject: [users@httpd] Reverse proxing through apache where backend server users cookie authentication
Hi Guys,
I am trying to use apache as my reverse proxy for my backend server which uses Cookie based authentication.
I am using mod_rewrite for the proxing part and am able to come till the login page. But am unable to login to the system. I suspect that it has something to do with the cookies not being reverse proxied or something.
I am using Apache 2..0.54 on a windows XP system.
Can anyone please tell me what probably could be the issue with my configuration?
Regards, Rajiv.
--------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org
This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please notify the sender urgently and then immediately delete the message and any copies of it from your system. Please also immediately destroy any hardcopies of the message. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. The sender's company reserves the right to monitor all e-mail communications through their networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorised to state them to be the views of the sender's company.
--------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org
Krist van Besien 19 July 2005 09:54:12 [ permanent link ]
On 7/18/05, Ranjan, Rajiv <Rajiv.Ranjan@in.tesco.com> wrote:> Hi Boyle,>
I added CO flag to my rewrite rule and checked in the browser to see if the cookies were created. They were not.>
I am sending you the conf snippet I am using. Can you please tell where am I going wrong in it?>
<VirtualHost <apache server iport>>> ServerName <apache server ip>> ProxyVia on> RewriteEngine on> RewriteLog logs/rajiv_rewrite.log> RewriteLogLevel 9> Redirect / http://<apache server iport >/wps/portal> RewriteRule ^/wps(.*)> http://<my backend server ip and port>%{REQUEST_URI}> /http/<apache server iport>/wps/portal/$1 [P,CO=JSESSIONID:%{HTTP_COOKIE}:<backend server domain, eg - .dev01.tesco.org>,CO=LtpaToken:%{HTTP_COOKIE}:.dev01.tesco.org]> </VirtualHost>
The domain part in your cookie needs to be the domain as the browser sees it, not the hostname of your backend server.
Suppose you have www.mydomain.com, and this is proxied to backendservers backend1.mydomain.com and backend2.mydomain.com. The applications on the backend servers need to set cookies where domain=www.mydomain.com. Would the application set a cookie with for example "domain=backend1.mydomain.com" then the browser receives a cookie for another machine than the one it thinks its connected too, and ignores it.
When the backend application sends a valid cookie there is nothing you need to do with it in the rewrite rules.
Another tip: Get yourself firefox with the "LiveHTTPHeaders" addon. That way you can see what headers (incl cookies) your browser gets, and what it sends back to the server upon the next request.
--------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org
I've been following this thread with great interest. A couple of months ago I was experiencing the same - I believe - problem. It involved the pubcookie (www.pubcookie.org) WebISO single sign-on software, which uses session cookies for authentication with a login server. It is my experience that they (the cookies) did indeed get lost between the backend server and the browser.
My configuration has Zope running behind Apache, using mod_rewrite to reverse proxy. I put enough print debug statements into the code (both pubcookie and Apache) to verify that the cookies were being created, but they never made it back tothe client. A much more clever programmer has created a solution, a patch to proxy_util.c.
(FWIW, it's possible that this mail client will mangle the underscore character to "=5f", such that mod(underscore)proxy... looks like mod=5Fproxy...)
This patch would seemingly need to be incorporated by the Apache development team, and that is apparently what Brett wanted to do, but obviously it didn't get there. Maybe this forum will help in that effort.
I have tried to contact Brett, and the pubcookie development team, for recommendations for further action, but have not received a reply.
I hope this helps. If I am in error, any clarification would be greatly appreciated.
Regards,
Peter Link
Axel-Stéphane SMORGRAV <Axel-Stephane.SMORGRAV@europe.adp.com> 07/18/2005 09:33 AM Please respond to users@httpd.apache.org
To <users@httpd.apache.org> cc
Subject RE: [users@httpd] Reverse proxing through apache where backend server users cookie authentication
There is no reason that your cookie should be lost on it's way between the browser and the backend server. You do not need to do anything in particular to have the cookie forwarded to the application even when using rewrite rules for reverse proxying. Cookies are end-to-end headers and are not modified by Apache unless you do something peculiar in your configuration.
If the cookies are not included in requests from the browser, chances are that the browser does not send them. That can happen for several reasons: 1. The cookie domain does not match the domain of your site. 2. The cookie path does not match the path of the request. 3. The backend server does not set any cookies. 4. The secure cookie flag is set and the connection is not HTTPS.
You can check that by sniffing the HTTP exchanges between reverse proxy and backend server, or by using a browser tool like HTTPWatch.
-ascs
-----Original Message----- From: Ranjan, Rajiv [mailto:Rajiv.Ranjan@in.tesco.com] Sent: Monday, July 18, 2005 1:50 PM To: users@httpd.apache.org Subject: RE: [users@httpd] Reverse proxing through apache where backend server users cookie authentication
Hi Boyle,
I added CO flag to my rewrite rule and checked in the browser to see if the cookies were created. They were not.
I am sending you the conf snippet I am using. Can you please tell where am I going wrong in it?
<VirtualHost <apache server iport>> ServerName <apache server ip> ProxyVia on RewriteEngine on RewriteLog logs/rajiv_rewrite.log RewriteLogLevel 9 Redirect / http://<apache server iport >/wps/portal RewriteRule ^/wps(.*) http://<my backend server ip and port>%{REQUEST_URI} /http/<apache server iport>/wps/portal/$1 [P,CO=JSESSIONID:%{HTTP_COOKIE}:<backend server domain, eg - .dev01.tesco.org>,CO=LtpaToken:%{HTTP_COOKIE}:.dev01.tesco.org] </VirtualHost>
_Rajiv
-----Original Message----- From: Boyle Owen [mailto:Owen.Boyle@swx.com] Sent: Monday, July 18, 2005 4:25 PM To: users@httpd.apache.org Subject: RE: [users@httpd] Reverse proxing through apache where backend server users cookie authentication
Plain text please...
The cookie is probably in the response so gets to the browser, but then does not get back to teh server via the RewriteRule.
Rgds, Owen Boyle Disclaimer: Any disclaimer attached to this message may be ignored.
Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a private and personal nature. It is not related to the exchange or business activities of the SWX Group. Le présent e-mail est un message privé et personnel, sans rapport avec l'activité boursière du Groupe SWX.
-----Original Message----- From: Ranjan, Rajiv [mailto:Rajiv.Ranjan@in.tesco.com] Sent: Montag, 18. Juli 2005 11:54 To: users@httpd.apache.org Subject: [users@httpd] Reverse proxing through apache where backend server users cookie authentication
Hi Guys,
I am trying to use apache as my reverse proxy for my backend server which uses Cookie based authentication.
I am using mod_rewrite for the proxing part and am able to come till the login page. But am unable to login to the system. I suspect that it has something to do with the cookies not being reverse proxied or something.
I am using Apache 2..0.54 on a windows XP system.
Can anyone please tell me what probably could be the issue with my configuration?
Regards, Rajiv.
--------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org
This patch would seemingly need to be incorporated by the Apache development team, and that is apparently what Brett wanted to do, but obviously it didn't get there. Maybe this forum will help in that effort.
The problem is that Brett must submit any patch himself; we can't take patches from anywhere but the bugzilla (issues.apache.org) or mailing list (dev@httpd) and from noone but the original author.
If he's submitted it to bugzilla or dev@httpd, I'd appreciate the bug no or message id, I'm fighting with similar cookie issues over in mod_aspdotnet.
Bill
--------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org
http://www.issociate.de/board/post/102303/mod_proxy_and_authentication_cookies.html states:>When testing we found that the authentication cookie>is not retained after the response is retrieved from>the proxy module. This is a major problem because we>are using ACE/token authentication which uses one-time>passwords so silent re-authentication cannot happen.
What on earth does this mean? Does it mean that the reverse proxy does send a Set-Cookie back to the browser but that the browser ignores it? In that case maybe the cookie path is wrong, or the cookie domain is wrong. Maybe the cookie is marked as secured but the connection is not SSL. There are a variety of reasons why a browser would not submit a cookie to a server.
It would be interesting to see a network trace of such a scenario where the cookie is "lost", or have access to a web site where the problem occurs. I am convinced that the culprit lies outside Apache and that the network trace would uncover that.
I personnaly use Apache 2.0 quite extensively in different reverse proxy configurations with or without rewrite. In some cases an Apache authentication module sets an encrypted session cookie, in other cases it is the backend J2EE server that does set the cookie. And Apache has never lost a cookie.
If you are convinced that Apache does not forward the cookie, I would advise you to post a bug report to issues.apache.org/bugzilla and include a detailed description of the scenario leading to the problem. The scenario should be as simple as possible and reproductible.
-ascs
________________________________
From: Peter.Link@RegalBeloit.com [mailtoeter.Link@RegalBeloit.com] Sent: Tuesday, July 19, 2005 7:59 PM To: users@httpd.apache.org Cc: users@httpd.apache.org Subject: RE: [users@httpd] Reverse proxing through apache where backend server users cookie authentication
Hello:
I've been following this thread with great interest. A couple of months ago I was experiencing the same - I believe - problem. It involved the pubcookie (www.pubcookie.org) WebISO single sign-on software, which uses session cookies for authentication with a login server. It is my experience that they (the cookies) did indeed get lost between the backend server and the browser.
My configuration has Zope running behind Apache, using mod_rewrite to reverse proxy. I put enough print debug statements into the code (both pubcookie and Apache) to verify that the cookies were being created, but they never made it back tothe client. A much more clever programmer has created a solution, a patch to proxy_util.c.
(FWIW, it's possible that this mail client will mangle the underscore character to "=5f", such that mod(underscore)proxy... looks like mod=5Fproxy...)
This patch would seemingly need to be incorporated by the Apache development team, and that is apparently what Brett wanted to do, but obviously it didn't get there. Maybe this forum will help in that effort.
I have tried to contact Brett, and the pubcookie development team, for recommendations for further action, but have not received a reply.
I hope this helps. If I am in error, any clarification would be greatly appreciated.
Regards,
Peter Link
--------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org
"William A. Rowe, Jr." <wrowe@rowe-clan.net> wrote on 07/19/2005 04:36:07 PM:
At 12:58 PM 7/19/2005, Peter.Link@RegalBeloit.com wrote:>
This patch was developed by Brett Beaumont, and can be found here:> >http://www.issociate.> de/board/post/102303/mod_proxy_and_authentication_cookies.html> >
This patch would seemingly need to be incorporated by the Apache > development team, and that is apparently what Brett wanted to do, > but obviously it didn't get there. Maybe this forum will help in that
effort.>
The problem is that Brett must submit any patch himself; we can't> take patches from anywhere but the bugzilla (issues.apache.org) or> mailing list (dev@httpd) and from noone but the original author.>
If he's submitted it to bugzilla or dev@httpd, I'd appreciate the> bug no or message id, I'm fighting with similar cookie issues> over in mod_aspdotnet.
Unfortunately I do not have any of this information.
I did spend alot of time trying to trouble-shoot this. I assumed all along that there was a problem with the pubcookie software, but that turned out to be false. I put debug stuff in the pubcookie code, plus some in the apache code, to verify the creation and disappearance of the session cookies. I googled and eventually found and applied Brett's patch.
Suggestions?>
Bill >
---------------------------------------------------------------------> The official User-To-User support forum of the Apache HTTP Server
Project.> See <URL:http://httpd.apache.org/userslist.html> for more info.> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org> " from the digest: users-digest-unsubscribe@httpd.apache.org> For additional commands, e-mail: users-help@httpd.apache.org>
"William A. Rowe, Jr." <wrowe@rowe-clan.net> wrote on 07/19/2005 04:36:07 PM:
At 12:58 PM 7/19/2005, Peter.Link@RegalBeloit.com wrote:>
This patch was developed by Brett Beaumont, and can be found here:> >http://www.issociate.> de/board/post/102303/mod_proxy_and_authentication_cookies.html> >
This patch would seemingly need to be incorporated by the Apache > development team, and that is apparently what Brett wanted to do, > but obviously it didn't get there. Maybe this forum will help in that
effort.>
The problem is that Brett must submit any patch himself; we can't> take patches from anywhere but the bugzilla (issues.apache.org) or> mailing list (dev@httpd) and from noone but the original author.>
If he's submitted it to bugzilla or dev@httpd, I'd appreciate the> bug no or message id, I'm fighting with similar cookie issues> over in mod_aspdotnet.>
---------------------------------------------------------------------> The official User-To-User support forum of the Apache HTTP Server
Project.> See <URL:http://httpd.apache.org/userslist.html> for more info.> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org> " from the digest: users-digest-unsubscribe@httpd.apache.org> For additional commands, e-mail: users-help@httpd.apache.org>
