[pubcookie-users] Assorted implementation notes
Nathan Dors
dors at cac.washington.edu
Wed Jun 25 11:57:04 PDT 2003
Thanks Troy, (2) is fixed online and in cvs. Easy.
I'll forward (1) to the pubcookie-dev list. If we're
going to say we work with Apache-SSL we'll have to
adjust something there.
And (3) may be a bug or a feature. The mod_pubcookie
guru's will have to say. Thanks for passing this all
in and articulating it so well.
-Nathan
On Tue, 24 Jun 2003, Troy Davis wrote:
> Thanks for a very useful tool. Here are a couple notes from my first
> installation.
>
> 1) ap_hook_call() is called at line 1250 of mod_pubcookie.c. ap_hook_call()
> comes with mod_ssl's Extended API, which Apache-SSL doesn't use or install.
> mod_pubcookie.so won't load since it can't resolve ap_hook_call().
>
> Commenting out lines 1250-1257 works around the problem. Pubcookie seems
> to work fine with that change, though certainly without that callback's
> authentication debugging info.
>
> 2) http://www.pubcookie.org/docs/install-login.html refers to
> /usr/local/pubcookie/bin/keyclient in one place rather than
> /usr/local/pubcookie/keyclient
>
> 3) mod_pubcookie calls ap_get_server_name() to find the server hostname
> for redirects; that call uses reverse DNS (well, /etc/hosts) rather than
> Apache's ServerName or the VirtualHost name.
>
> I had machine.foo.com everywhere except machine.foo.net in /etc/hosts. The
> redirection went from the app on the .com hostname to the login page on
> .com, instantly to the app again on the .net hostname, then right back to
> the login page on .com, which said that the user is already logged in.
> Didn't debug it much, so this is just a heads up to other users that the
> reverse DNS matters.
>
> Cheers,
>
> Troy
> _______________________________________________
> pubcookie-users mailing list
> pubcookie-users at u.washington.edu
> http://mailman.u.washington.edu/mailman/listinfo/pubcookie-users
>
More information about the pubcookie-users
mailing list