[pubcookie-users] configuration error: couldn't check access. No groups file?

Sacha Michel Mallais sacha at global-village.net
Fri Mar 30 12:23:41 PDT 2007 

Hi again everyone,

I think I've got my keyclient problem solved, but now I'm having a  
problem with the redirection that occurs after logging in via  
PubCookie.  If I set up the "testapp" directory as in the  
installation instructions, then navigate there with my browser, I get  
an error 500 Internal Server Error after logging in on the PubCookie  
login page.  I see this message in the error log (complete debug- 
level log appended to the end of this message):

[Fri Mar 30 12:10:15 2007] [crit] [client 192.168.9.12] configuration  
error:  couldn't check access.  No groups file?: /testapp/

 From what I've read on the various lists, it appears that  
mod_auth_apple.so is causing the problem, but I've not seen any  
solutions that work.  I've tried removing mod_auth_apple, tried  
replacing it with mod_auth or mod_auth_dbm, tried moving the  
mod_pubcookie AddModule/LoadModule declarations to above the ones for  
mod_auth_apple, all to no avail.  I also tried setting AllowOverride  
All and AuthAuthoritative off in my Directory directive, but they  
didn't work either.

Here is my vhost config:

PubcookieSessionCertFile "/private/etc/httpd/ssl.crt/newwest.global- 
village.net.crt"
PubcookieSessionKeyFile "/private/etc/httpd/ssl.key/newwest.global- 
village.net.key"
<Directory "/">
     # Require Pubcookie authentication for this directory
     AuthType CNetID
     PubcookieAppID "sitemaker"
     Require valid-user
     AllowOverride All
     AuthAuthoritative off
</Directory>

Does anyone have any suggestions?  Is PubCookie known to work on Mac  
OS X Server 10.4.8?

System:
Mac OS X Server 10.4.8
Apache 1.3


sacha


-- 
Sacha Michel Mallais             Senior Developer / President
Global Village Consulting Inc.   http://www.global-village.net/
PGP Key ID: 7D757B65             AIM: smallais
ObAd: read "Practical WebObjects" <fnord>
http://www.global-village.net/products/practical_webobjects


Complete debug log trace:
--------------START----------------------
[Fri Mar 30 12:10:14 2007] [debug] mod_pubcookie.c(2400): [client  
192.168.9.12] pubcookie_post_read: sr=182ded0
[Fri Mar 30 12:10:14 2007] [debug] mod_pubcookie.c(2356): [client  
192.168.9.12] pubcookie_hparse: main=0
[Fri Mar 30 12:10:14 2007] [debug] mod_pubcookie.c(1655): [client  
192.168.9.12] pubcookie_user_hook: uri: /testapp/ auth_type: CNetID
[Fri Mar 30 12:10:14 2007] [debug] mod_pubcookie.c(1778): [client  
192.168.9.12] pubcookie_user: going to check uri: /testapp/ creds: 1
[Fri Mar 30 12:10:14 2007] [debug] mod_pubcookie.c(177): [client  
192.168.9.12] dump_server_rec:\n\t\tdirdepth: 0\n\t\tnoblank: 0\n\t 
\tlogin: https://webiso.uchicago.edu/login/index.cgi\n\t\tappsrvid: \n 
\t\tauthtype_names: CNetID\n\t\tuse_post: 1\n        no_clean_creds: 0\n
[Fri Mar 30 12:10:14 2007] [debug] mod_pubcookie.c(190): [client  
192.168.9.12] dump_dir_rec:\n\t\tinact_exp: 1800\n                 
hard_exp: 28800\n                non_ssl_ok: 0\n\t\tappid: sitemaker 
\n                end_session: \n                session_reauth: -1 
\n                noprompt: 0
[Fri Mar 30 12:10:14 2007] [debug] mod_pubcookie.c(1825): [client  
192.168.9.12] pubcookie_user: about to look for some cookies; current  
uri: /testapp/
[Fri Mar 30 12:10:14 2007] [debug] mod_pubcookie.c(1235): [client  
192.168.9.12] get_cookie: pubcookie_g (0)
[Fri Mar 30 12:10:14 2007] [debug] mod_pubcookie.c(1273): [client  
192.168.9.12]  .. return: xoGdDMIEBuaB4w13D68GlW95SRgGcBfPM/ 
7Y7m7L0jU1fmezhLdhIYQOua0HMyDd8bGrkKEr1V1jGuReVqH86uO826NbOERnKiDEPrCCwM 
x/KWeNpErHSJQlToCqzzNbZ9SmbD1hN+0gXwPgnvfofzhDqDh/ 
vtmwQLPh8fvQkq6nA2vBNEcskTfcmDMNRkz6HisMqOesfK2uX1tLMnl49JOD305aihKUiyOA 
CmDzevxsvg0byWjGH6XHBqpCgonYUFS59uwyhkr3o9mzCrR5q 
+wnlUB617XJ25iz9MXEmp80c3zY1ozLsnjGF1+oPQbQBu+UVOgdHfLvJXl3epROxZH77Tk 
+0c+fDohYxGfL4BnkuXa/ 
ov3naoQsw8EbgpavzTkHByUDMYVZVixGGtiGrpTyf7aiN5ppvc77S8di68Nc2ntmTrMm7LPl 
Y7ySU+8qxPkcdAZDmFdyK9lfPh6KlTlxu6uaQw==
[Fri Mar 30 12:10:14 2007] [debug] mod_pubcookie.c(1303): [client  
192.168.9.12] libpbc_unbundle_cookie: hello\n
[Fri Mar 30 12:10:14 2007] [debug] mod_pubcookie.c(1303): [client  
192.168.9.12] libpbc_rd_priv_des: hello\n
[Fri Mar 30 12:10:14 2007] [debug] mod_pubcookie.c(1303): [client  
192.168.9.12] get_crypt_key: myname=newwest.global-village.net,  
peer=newwest.global-village.net\n
[Fri Mar 30 12:10:14 2007] [debug] mod_pubcookie.c(1303): [client  
192.168.9.12] libpbc_rd_safe: hello
[Fri Mar 30 12:10:14 2007] [debug] mod_pubcookie.c(1303): [client  
192.168.9.12] Verifying signature with granting certificate
[Fri Mar 30 12:10:14 2007] [debug] mod_pubcookie.c(1303): [client  
192.168.9.12] libpbc_rd_safe: goodbye, r: 0
[Fri Mar 30 12:10:14 2007] [debug] mod_pubcookie.c(1303): [client  
192.168.9.12] libpbc_rd_priv_des: goodbye\n
[Fri Mar 30 12:10:14 2007] [debug] mod_pubcookie.c(697): [client  
192.168.9.12] clear_granting_cookie: setting cookie: pubcookie_g=;  
path=/; expires=Fri, 11-Jan-1990 00:00:01 GMT; secure
[Fri Mar 30 12:10:14 2007] [debug] mod_pubcookie.c(1998): [client  
192.168.9.12] pubcookie_user: has granting; current uri is: /testapp/
[Fri Mar 30 12:10:14 2007] [debug] mod_pubcookie.c(2051): [client  
192.168.9.12] pubcookie_user: set type (CNetID) and user (t-9sacha)
[Fri Mar 30 12:10:14 2007] [info] [client 192.168.9.12]  
pubcookie_user: G cookie expired by 346; user: t-9sacha create:  
1175281408 uri: /testapp/
[Fri Mar 30 12:10:14 2007] [debug] mod_pubcookie.c(1703): [client  
192.168.9.12]  .. user_hook: user failed
[Fri Mar 30 12:10:14 2007] [debug] mod_pubcookie.c(913): [client  
192.168.9.12] auth_failed_handler: hello
[Fri Mar 30 12:10:14 2007] [debug] mod_pubcookie.c(367): [client  
192.168.9.12] get_pre_s_token: token is -1091629834
[Fri Mar 30 12:10:14 2007] [debug] mod_pubcookie.c(993): [client  
192.168.9.12] Post URI before encoding length 9, string: /testapp/
[Fri Mar 30 12:10:14 2007] [debug] mod_pubcookie.c(996): [client  
192.168.9.12] Post URI after encoding length 12, string: L3Rlc3RhcHAv
[Fri Mar 30 12:10:14 2007] [debug] mod_pubcookie.c(1042): [client  
192.168.9.12] g_req before encoding length 269, string:  
one=newwest.global- 
village.net&two=sitemaker&three=1&four=a5&five=GET&six=newwest.global- 
village.net&seven=L3Rlc3RhcHAv&eight=&hostname=newwest.global- 
village.net&nine=7&file=&referer=https://webiso.uchicago.edu/login/ 
index.cgi&sess_re=0&pre_sess_tok=-1091629834&flag=0
[Fri Mar 30 12:10:14 2007] [debug] mod_pubcookie.c(1178): [client  
192.168.9.12] auth_failed_handler: redirect sent. uri: /testapp/  
reason: 7
[Fri Mar 30 12:10:14 2007] [debug] mod_pubcookie.c(3377): [client  
192.168.9.12] cleanup
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(2400): [client  
192.168.9.12] pubcookie_post_read: sr=182ded0
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(2356): [client  
192.168.9.12] pubcookie_hparse: main=0
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(1655): [client  
192.168.9.12] pubcookie_user_hook: uri: /PubCookie.reply auth_type:  
CNetID
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(3772): [client  
192.168.9.12] login_reply_handler: hello
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(3642): [client  
192.168.9.12] verify-url in: https://newwest.global-village.net/ 
L3Rlc3RhcHAv
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(3668): [client  
192.168.9.12] verify-url decoding: L3Rlc3RhcHAv
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(3676): [client  
192.168.9.12] verify-url path is: testapp/
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(3377): [client  
192.168.9.12] cleanup
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(2400): [client  
192.168.9.12] pubcookie_post_read: sr=182ded0
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(2356): [client  
192.168.9.12] pubcookie_hparse: main=0
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(1655): [client  
192.168.9.12] pubcookie_user_hook: uri: /testapp/ auth_type: CNetID
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(1778): [client  
192.168.9.12] pubcookie_user: going to check uri: /testapp/ creds: 1
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(177): [client  
192.168.9.12] dump_server_rec:\n\t\tdirdepth: 0\n\t\tnoblank: 0\n\t 
\tlogin: https://webiso.uchicago.edu/login/index.cgi\n\t\tappsrvid: \n 
\t\tauthtype_names: CNetID\n\t\tuse_post: 1\n        no_clean_creds: 0\n
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(190): [client  
192.168.9.12] dump_dir_rec:\n\t\tinact_exp: 1800\n                 
hard_exp: 28800\n                non_ssl_ok: 0\n\t\tappid: sitemaker 
\n                end_session: \n                session_reauth: -1 
\n                noprompt: 0
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(1825): [client  
192.168.9.12] pubcookie_user: about to look for some cookies; current  
uri: /testapp/
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(1235): [client  
192.168.9.12] get_cookie: pubcookie_g (0)
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(1273): [client  
192.168.9.12]  .. return: ghTxg1P8N8S/qfXzX+0HBHd 
+6N0WvcG135AlZyJJPRFLzJ5GLYQZbkCKkVXdlyInE7cUkiO0mSHCyRVtiGPhklnjGZebGIs 
CpHVX+efmmAuNIz7pPaEcvA/ 
IJKxNakk6G6llTNb2ktDUUenMTXqrax25Fl866JCW7gQh6yMGNPyXRP/ 
uGMTKa15YxR08PXAm6EpVvRX8p2itXodrPqXEO5v/Rx+rz/NLPPvjCAy48kxHo7/ 
PVcE5DB0BILnqG870QigQQlyPUtR3BrqIDc7CW12Y36rhh 
+1K9fy8TfLOt2VnWI8gFKWivh4BvO8N5Q4EsLsq8ZyMUuZmp4dQuXJL8Fo8cQbHlAtf7dZbB 
bjb+QX69xT9/ 
qwJE0aUPql9Poy5dh8ZsG85RQbM4L3rs8KKbJlrf4IXAVGE1CZgGXPGicGW4LYM44Sb2lLLO 
xsnTmal4sI0lb7e8lLL/+Nj5RP5DfElvrPgWA==
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(1303): [client  
192.168.9.12] libpbc_unbundle_cookie: hello\n
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(1303): [client  
192.168.9.12] libpbc_rd_priv_des: hello\n
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(1303): [client  
192.168.9.12] get_crypt_key: myname=newwest.global-village.net,  
peer=newwest.global-village.net\n
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(1303): [client  
192.168.9.12] libpbc_rd_safe: hello
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(1303): [client  
192.168.9.12] Verifying signature with granting certificate
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(1303): [client  
192.168.9.12] libpbc_rd_safe: goodbye, r: 0
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(1303): [client  
192.168.9.12] libpbc_rd_priv_des: goodbye\n
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(697): [client  
192.168.9.12] clear_granting_cookie: setting cookie: pubcookie_g=;  
path=/; expires=Fri, 11-Jan-1990 00:00:01 GMT; secure
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(1998): [client  
192.168.9.12] pubcookie_user: has granting; current uri is: /testapp/
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(2051): [client  
192.168.9.12] pubcookie_user: set type (CNetID) and user (t-9sacha)
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(1235): [client  
192.168.9.12] get_cookie: pubcookie_transcred (0)
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(1235): [client  
192.168.9.12] get_cookie: pubcookie_cred_sitemaker (0)
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(2264): [client  
192.168.9.12] pubcookie_user: everything is o'tay; current uri is: / 
testapp/
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(1719): [client  
192.168.9.12]  .. user_hook: user 't-9sacha'OK
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(1722): [client  
192.168.9.12]  .. user_hook: new session
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(1303): [client  
192.168.9.12] libpbc_get_cookie_with_expire: hello\n
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(1303): [client  
192.168.9.12] libpbc_augment_rand_state: hello
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(1303): [client  
192.168.9.12] Sufficient Randomness: nothing to do.
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(1303): [client  
192.168.9.12] libpbc_stringify_cookie_data: hello, user: t-9sacha\n
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(1303): [client  
192.168.9.12] libpbc_sign_bundle_cookie: hello\n
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(1303): [client  
192.168.9.12] libpbc_mk_priv_des: hello\n
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(1303): [client  
192.168.9.12] get_crypt_key: myname=newwest.global-village.net,  
peer=newwest.global-village.net\n
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(1303): [client  
192.168.9.12] libpbc_mk_safe: hello, peer is newwest.global-village.net
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(1303): [client  
192.168.9.12] libpbc_mk_safe: goodbye, sig_len: 128
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(1303): [client  
192.168.9.12] libpbc_mk_priv_des: goodbye\n
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(1303): [client  
192.168.9.12] libpbc_sign_bundle_cookie: goodbye\n
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(1303): [client  
192.168.9.12] libpbc_sign_bundle_cookie: cookie: Q2r+EzFsgHQ/ 
Yh09sRzU4B4Z3KWq13ZBPX6Kfieex8Tn8StedxkWfeA2rNJRC7T2rqyAzjnC9zMn4NkgfuUl 
mSvJ8+RXlzRzexKhcTIecb+Fh/ 
eT6czFKcbqDkOHql0PjOWcpGYDDElsLcOOdmSmrsJsDpBnAVO/ 
lNxoF8GsnMxBu1RtvbErX3GN/1xcZ9lc9cirH9+lTsRXQAVsIKWl1WrKwijw/ 
x6CKhBwSW1v7/DKvso4pRnrlYen1/ 
Al2hmTN8yR33razYa1pu0hV0JLyRz3WUoqMwXmpPSix15x8SZNQY+ZBu02ZzycVTPkC 
+zXO+zQigNst75dpfm5MAbm5t2qL/zdChENSzfb2cu6V 
+GYDxKcsws0jCPd9ERrZt93d1ZBkHCEtYvwByqFGvlQyk8EHq6lvIBFD69iAYMhlYYEgYkhv 
Mn75RlIwJL6RemsyAPoxeJzqjjpe7J1zh3H476l5QaVvA==\n
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(1303): [client  
192.168.9.12] libpbc_get_cookie_with_expire: goodbye\n
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(1752): [client  
192.168.9.12]  .. user_hook exit: user 't-9sacha', type 'CNetID'
[Fri Mar 30 12:10:15 2007] [debug] mod_spnego_apple.c(499): [client  
192.168.9.12] mod_spnego_apple: Declining non-negotiate auth_type
[Fri Mar 30 12:10:15 2007] [debug] mod_digest_apple.c(588): [client  
192.168.9.12] mod_digest_apple: Declining non-digest auth_type
[Fri Mar 30 12:10:15 2007] [debug] mod_auth_apple.c(376): [client  
192.168.9.12] mod_auth_apple: Declining non-basic auth_type
[Fri Mar 30 12:10:15 2007] [crit] [client 192.168.9.12] configuration  
error:  couldn't check access.  No groups file?: /testapp/
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(3377): [client  
192.168.9.12] cleanup
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(2400): [client  
192.168.9.12] pubcookie_post_read: sr=182ded0
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(2356): [client  
192.168.9.12] pubcookie_hparse: main=0
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(1655): [client  
192.168.9.12] pubcookie_user_hook: uri: /favicon.ico auth_type: CNetID
[Fri Mar 30 12:10:15 2007] [error] [client 192.168.9.12] File does  
not exist: /Volumes/Data1/sacha/DocumentRoot/favicon.ico
[Fri Mar 30 12:10:15 2007] [debug] mod_pubcookie.c(3377): [client  
192.168.9.12] cleanup
--------------END----------------------

More information about the pubcookie-users mailing list