Phil Ames wrote
Can you use something like HttpFox
(https://addons.mozilla.org/en-US/firefox/addon/6647) to see if
mod_auth_cas is setting a new cookie with each 302 redirect?
When the CAS server first redirects to my directory, my browser
receives CASTGC and CASPRIVACY cookies. The URL includes a ticket.
The name used for my web server is "glast2". Then comes an infinite
loop with 3 redirects in each iteration.
1. My web server redirects to the /CAS/directory on itself, using its
name "www-glast". The browser receives a MOD_AUTH_CAS cookie.
2. My server www-glast redirects to the CAS server login page.
There are no cookies.
3. The CAS server redirects to glast2 with a new ticket number.
There are no cookies.
I wonder if the two names might be causing problems. My web
server's DNS entry is glast2.stanford.edu. In the apache
configuration, ServerName is www-glast. The root directory
configuration includes
RewriteCond %{HTTP_HOST} !^www-glast.stanford.edu [NC]
RewriteCond %{HTTP_HOST} !^$
RewriteRule (.*) http://www-glast.stanford.edu/$1 [L,R]
I really want it to look like www-glast to the users, even though
that's a CNAME in DNS.
(I'm glad I didn't start testing with Internet Explorer. It never
detects the loop. It just runs and runs....)
----- the first 7 lines from HttpFox --------------------
00:00:41.186 0.580 1239 293 POST 302 Redirect to:
http://glast2.stanford.edu/CAS/?ticket=ST-3113-d1qYduwIO6tDeG9fBg19
https://glast-ground.slac.stanford.edu/cas/login?service=http%3a%2f%2fglast2.stanford.edu%2fCAS%2f
00:00:41.264 0.236 735 396 GET 302 Redirect to:
http://www-glast.stanford.edu/CAS/
http://glast2.stanford.edu/CAS/?ticket=ST-3113-d1qYduwIO6tDeG9fBg19
00:00:41.522 0.290 735 437 GET 302 Redirect to:
https://glast-ground.slac.stanford.edu/cas/login?service=http%3a%2f%2fglast2.stanford.edu%2fCAS%2f
http://www-glast.stanford.edu/CAS/
00:00:41.571 0.240 1075 270 GET 302 Redirect to:
http://glast2.stanford.edu/CAS/?ticket=ST-3114-qaXvG6Muj0GQgqetaybh
https://glast-ground.slac.stanford.edu/cas/login?service=http%3a%2f%2fglast2.stanford.edu%2fCAS%2f
00:00:41.615 0.240 782 396 GET 302 Redirect to:
http://www-glast.stanford.edu/CAS/
http://glast2.stanford.edu/CAS/?ticket=ST-3114-qaXvG6Muj0GQgqetaybh
00:00:41.875 0.370 735 437 GET 302 Redirect to:
https://glast-ground.slac.stanford.edu/cas/login?service=http%3a%2f%2fglast2.stanford.edu%2fCAS%2f
http://www-glast.stanford.edu/CAS/
00:00:41.931 0.180 1075 270 GET 302 Redirect to:
http://glast2.stanford.edu/CAS/?ticket=ST-3115-XVld2zSZWcGXXZIsUU9s
https://glast-ground.slac.stanford.edu/cas/login?service=http%3a%2f%2fglast2.stanford.edu%2fCAS%2f
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
