mod_auth_cas and cookies?
Ames, Phillip
phillip.ames at uconn.edu
Sat Aug 4 09:15:17 EDT 2007
This is now fixed in the trunk. I am holding off on tagging it as a new version to see if I can improve interoperability with mod_auth_ldap in 2.0 based on any findings from the other active thread.
-Phil
-----Original Message-----
From: cas-bounces at tp.its.yale.edu on behalf of Josh Kelley
Sent: Thu 8/2/2007 6:31 PM
To: cas at tp.its.yale.edu
Subject: mod_auth_cas and cookies?
I'm trying to use mod_auth_cas for authentication on a Apache reverse
proxy, and it seems to be preventing the proxy from correctly passing
cookies.
Example:
browser requests http://proxyserver/
proxy forwards to http://realserver/
realserver adds a Set-Cookie: realsessionid cookie in its reply
proxyserver passes Set-Cookie: realsessionid header back to browser
browser includes Cookie: realsessionid header in subsequent requests
Without mod_auth_cas enabled on proxyserver, everything works. With
mod_auth_cas enabled, even though the browser includes the
realsessionid cookie in subsequent requests (along with the
MOD_AUTH_CAS cookie), only the MOD_AUTH_CAS cookie is included in the
proxy's forwarded requests to the real server; the realsessionid
cookie is absent.
Any suggestions?
Josh Kelley
_______________________________________________
Yale CAS mailing list
cas at tp.its.yale.edu
http://tp.its.yale.edu/mailman/listinfo/cas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/ms-tnef
Size: 3054 bytes
Desc: not available
Url : http://tp.its.yale.edu/pipermail/cas/attachments/20070804/aeb9b451/attachment.bin
More information about the cas
mailing list