What does your logs show? What is your URL?
I would suggest using the block Liam suggested, and in your .htaccess
file for drupal add " RewriteCond %{REQUEST_URI} !^/cosign/" before the
RewriteRule at the end.
I normally also have this block, but with your current config I don't
think you need it.
<LocationMatch "/cosign">
CosignProtected On
CosignAllowPublicAccess Off
AuthType Cosign
</LocationMatch>
-John
On 12/15/10 4:22 PM, Lee, Brian wrote:
> Thanks Liam. I had tried that block before, and I just tried it again. Still
> redirecting. I am attaching my httpd.conf file and my
> drupal.onsp.umich.edu.conf file (the latter in the vhosts.d directory)
>
> --Brian
>
> -----Original Message-----
> From: Liam Hoekenga [mailto:[email protected]]
> Sent: Wednesday, December 15, 2010 3:55 PM
> To: Lee, Brian
> Cc: Montague, Mark; [email protected]
> Subject: RE: [Cosign-discuss] need mod_cosign.so binary (cosign 3)
>
> Your cosign/valid location is probably still cosign protected (based
> on what you sent us).
>
> Try this
>
> <Location /cosign/valid>
> SetHandler cosign
> CosignProtected Off
> Allow from all
> Satisfy any
> </Location>
>
>
> Liam
>
>
> Quoting "Lee, Brian" <[email protected]>:
>
>> In httpd.conf I have:
>>
>>
>>
>> CosignProtected On
>> CosignHostname weblogin.umich.edu
>> CosignRedirect https://weblogin.umich.edu/
>> CosignPostErrorRedirect https://weblogin.umich.edu/cosign/post_error.html
>> CosignService drupal.onsp
>> CosignCrypto /etc/apache2/ssl.key/server.key
>> /etc/apache2/ssl.crt/cosign.crt /etc/ssl/certs
>> CosignValidReference ^https?:\/\/.*\.umich\.edu(/.*)?
>> CosignValidationErrorRedirect
>> https://weblogin.umich.edu/cosign/validation_error.html
>>
>> #
>> Include /etc/apache2/vhosts.d/*.conf
>>
>> In vhosts.d/drupal.onsp.umich.edu.conf I have:
>>
>> <Location /cosign/valid>
>> RewriteEngine off
>> </Location>
>>
>> I just copied what I believe to be the relevant pieces. Also, I've
>> been messing in those quite a bit. This is just the last incarnation.
>>
>> I can give you more detail if you want.
>>
>> Thanks,
>> Brian
>>
>>
>>
>>
>> -----Original Message-----
>> From: Liam Hoekenga [mailto:[email protected]]
>> Sent: Wednesday, December 15, 2010 3:36 PM
>> To: Lee, Brian
>> Cc: Montague, Mark; [email protected]
>> Subject: Re: [Cosign-discuss] need mod_cosign.so binary (cosign 3)
>>
>> What does your cosign configuration look like in apache?
>>
>> Liam
>>
>>
>> Quoting "Lee, Brian" <[email protected]>:
>>
>>> So now I think I'm validating correctly, but I have a redirection problem..
>>>
>>> "The page isn't redirecting properly"
>>> --Brian
>>>
>>> From: Lee, Brian [mailto:[email protected]]
>>> Sent: Wednesday, December 15, 2010 2:12 PM
>>> To: Montague, Mark; [email protected]
>>> Subject: Re: [Cosign-discuss] need mod_cosign.so binary (cosign 3)
>>>
>>> Thanks Mark.
>>>
>>> I did manage to get my hands on a trusted cosign 3 binary from
>>> someone here, and it helped.
>>>
>>>
>>> It got rid of my errors about not understanding certain config options.
>>>
>>>
>>>
>>> For example:
>>>
>>>
>>>
>>> In my configuration, I use 'CosignValidReference', which was added
>>> in Cosign version 3.
>>>
>>> With my old mod_cosign.so, I get this error when I restart apache2
>>>
>>> "Invalid command 'CosignValidReference', perhaps misspelled or
>>> defined by a module not included in the server configuration"
>>>
>>> When I use the new binary, that error goes away.
>>>
>>>
>>>
>>> Now I have other problems (validation - not getting my cookie), but
>>> that was helpful. Thank you.
>>>
>>>
>>>
>>> --Brian
>>>
>>>
>>> From: Mark Montague [mailto:[email protected]]
>>> Sent: Tuesday, December 14, 2010 10:01 PM
>>> To: [email protected]; Lee, Brian
>>> Subject: Re: [Cosign-discuss] need mod_cosign.so binary (cosign 3)
>>>
>>> On December 14, 2010 10:22 , "Lee, Brian"
>>> <[email protected]><mailto:[email protected]> wrote:
>>> I tried like heck to get apsx2 installed so that I could compile my
>>> own cosign 3 binary, but it is extremely difficult to install that
>>> on my server. I will install one rpm, then get a list of
>>> dependencies a mile long, install some of those, then discover more
>>> dependencies. It's very difficult.
>>>
>>> Could someone send me a cosign (version 3) mod_cosign.so binary
>>> file? If it was compiled for any flavor of linux, I'll give it a try.
>>>
>>> I strongly recommend that you do not run any mod_cosign binary
>>> compiled by someone else, unless you personally know and trust that
>>> person. You may want to ask other Unix system administrators at
>>> your local institution if they have a the latest mod_cosign filter
>>> compiled for the version of SuSE that you are running.
>>>
>>> Keep in mind that apxs2 needs to be compiled for the same version of
>>> Apache HTTP Server that you are running, with the same options, same
>>> compilation switches, and same libraries. Therefore you should get
>>> apxs2 from the same place you got httpd. I have not run SuSE
>>> myself, but it looks like you need to install the apache2-devel
>>> package from the oss repository:
>>>
>>> http://forums.opensuse.org/archives/sf-archives/archives-software/331878-where-apxs-libapreq2-suse-10-2-a.html
>>>
>>>
>>> --
>>>
>>> Mark Montague
>>>
>>> [email protected]<mailto:[email protected]>
>>>
>>>
>>>
>>>
>>
>>
>> !DSPAM:4d09288c39762560778728!
>>
>>
>>
>>
>
>
> ------------------------------------------------------------------------------
> Lotusphere 2011
> Register now for Lotusphere 2011 and learn how
> to connect the dots, take your collaborative environment
> to the next level, and enter the era of Social Business.
> http://p.sf.net/sfu/lotusphere-d2d
>
>
> _______________________________________________
> Cosign-discuss mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/cosign-discuss
--
Manager of Network and Information Systems
http://www.vmhost.psu.edu
814-863-8334
------------------------------------------------------------------------------
Lotusphere 2011
Register now for Lotusphere 2011 and learn how
to connect the dots, take your collaborative environment
to the next level, and enter the era of Social Business.
http://p.sf.net/sfu/lotusphere-d2d
_______________________________________________
Cosign-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/cosign-discuss
