Neil, I don't think there is any real experience using mod_auth_cas with either itk or ruid2. Any suggestions on better model for file-based session state storage when using itk?
-Matt On Tue, Feb 3, 2015 at 2:10 PM, Neil Sabol <nssa...@unm.edu> wrote: > Good day CAS users, > > > > I hope you are all well. > > > > Quick question – are any of you successfully and securely using > mod_auth_cas for Apache with mpm_itk or mod_ruid2? I’m thinking this may be > a bad idea and is sparsely documented for that reason… > > > > Mod_auth_cas creates cookies with the user/group identity dictated by > mpm_itk (instead of the web server’s identity) – thus, if CASCookiePath is > only writeable by the webserver’s identity, mod_auth_cas fails: > > > > [error] MOD_AUTH_CAS: Could not create cache metadata file > 'XXX/XXX/.metadata': Permission denied > > [error] [client XXX.XXX.XXX.XXX] MOD_AUTH_CAS: Cookie file > 'XXX/XXX/cookie' could not be created: Permission denied > > > > I’ve got it working but it required making the CASCookiePath world > read/writable which is bad. > > > > I appreciate any guidance or lessons learned that you can offer. > > > > Thank you in advance, > > -Neil > > -- > You are currently subscribed to cas-user@lists.jasig.org as: m...@forsetti.com > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- m...@forsetti.com PGP: E2144AD8 -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user