On Jan 8, 2014, at 8:50 AM, Zhen Qian <[email protected]> wrote: > Hi, all: > > After successfully testing of the CoSign proxy cookie on the test CoSign > server, we updated the production CoSign server with the same settings. > However, the proxy cookie files are not working now. > ... > [Mon Jan 06 16:34:42 2014] [error] mod_cosign: netretr_proxy: 443 RETR: > (.+\\.mpathways|.+)\\.dsc\\.umich\\.edu cannot retrieve cookies. > [Mon Jan 06 16:34:42 2014] [error] mod_cosign: choose_conn: can't retrieve > proxy cookies
You need to configure the weblogin servers' cosign.conf to permit the service
to retrieve proxy cookies. This is done by adding a "proxy" line for the
service CN pattern. The relevant section from the cosign.conf man page:
The proxy keyword allows a given service to retrieve proxy cookies for
other services. proxy takes two arguments, a client CN regex and a
path to a proxy file. The proxy file contains the hostname and service‐
name for the proxy cookies, one per line, whitespace‐delimited (see
Examples). The CN regex must match a prior service entry in
cosign.conf. The proxy keyword replaces the combination of the "P"
flag with a path in older versions of Cosign.
So you need to contact your weblogin administrators and ask them to add a
"proxy" line for your service's CN.
andrew
signature.asc
Description: Message signed with OpenPGP using GPGMail
------------------------------------------------------------------------------ Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clktrk
_______________________________________________ Cosign-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/cosign-discuss
