On Jan 8, 2014, at 8:50 AM, Zhen Qian <zq...@umich.edu> wrote: > Hi, all: > > After successfully testing of the CoSign proxy cookie on the test CoSign > server, we updated the production CoSign server with the same settings. > However, the proxy cookie files are not working now. > ... > [Mon Jan 06 16:34:42 2014] [error] mod_cosign: netretr_proxy: 443 RETR: > (.+\\.mpathways|.+)\\.dsc\\.umich\\.edu cannot retrieve cookies. > [Mon Jan 06 16:34:42 2014] [error] mod_cosign: choose_conn: can't retrieve > proxy cookies
You need to configure the weblogin servers' cosign.conf to permit the service to retrieve proxy cookies. This is done by adding a "proxy" line for the service CN pattern. The relevant section from the cosign.conf man page: The proxy keyword allows a given service to retrieve proxy cookies for other services. proxy takes two arguments, a client CN regex and a path to a proxy file. The proxy file contains the hostname and service‐ name for the proxy cookies, one per line, whitespace‐delimited (see Examples). The CN regex must match a prior service entry in cosign.conf. The proxy keyword replaces the combination of the "P" flag with a path in older versions of Cosign. So you need to contact your weblogin administrators and ask them to add a "proxy" line for your service's CN. andrew
signature.asc
Description: Message signed with OpenPGP using GPGMail
------------------------------------------------------------------------------ Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clktrk
_______________________________________________ Cosign-discuss mailing list Cosign-discuss@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/cosign-discuss