Ok, I was finally able to reproduce the sessionid. Now it's only left to do the same with the first part :)
"*bbf13a266d32aef6f89fb35f250db77d15f04516-sessionid* =e6c12bace0608a422bf03954086e4d0a2ec64e7396a95871af55d986d3c7517968aadfc203975fdc8433e824533229dd" So first part is HMAC-SHA1 of some data. How to find out the data? I tried to debug this with Eclipse & Play framework, but it seems I'm missing something :( Kay, what's the best debug tool for this? On Thursday, February 27, 2014 2:59:43 PM UTC+2, Kay Röpke wrote: > > It looks like a signature from playframework to me. > I would need to debug a little to figure it out, we really didn't > anticipate creating these cookies outside of the play. > > I think it's better if we solve this problem the proper way, by supporting > remote_user. Generating the cookie seems very brittle to me :( > > On Wednesday, February 26, 2014 2:57:58 PM UTC+1, Егор Морозов wrote: >> >> Btw, also there's first part in the cookie: >> "*bbf13a266d32aef6f89fb35f250db77d15f04516-sessionid* >> =e6c12bace0608a422bf03954086e4d0a2ec64e7396a95871af55d986d3c7517968aadfc203975fdc8433e824533229dd" >> >> What is bbf13...? Looks like the length of session id without dashes is >> different. >> > -- You received this message because you are subscribed to the Google Groups "graylog2" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
