Since your ProxyPass directive does not modify the URL path, you will only need ProxyPassReverseCookieDomain.
Rather than working in the dark, the best approach is to use a tool such as Firefox LiveHTTPheaders, or HTTPWatch (MSIE) to observe the cookies that are returned by the application server and see what cookie domain they contain. If that domain is obviously such that the browser will not submit it to the RP, then you definitely need a ProxyPassReverseCookieDomain. If you use FF but do not have LiveHTPHeaders and do not wish to install it, clear all the cookies in your browser (Tools>Options>Privacy>Show Cookies>RemoveAllCookies), connect to your application through the RP, and then see what cookies have appeared in the "Show Cookies" window. In the bottom pane you will see all cookie details, including the path and domain. Use that information to determine the right argument to ProxyPassReverseCookieDomain. -ascs -----Message d'origine----- De : dertown [mailto:[EMAIL PROTECTED] Envoyé : jeudi 15 novembre 2007 20:03 À : users@httpd.apache.org Objet : Re: [EMAIL PROTECTED] mainting session cookies with a reverse proxy I am running a reverse proxy to a back end web app with its own sign that uses session cookies. here is an what i have configured for the proxy the web app is an ajax app. <virtual host *:443> ProxyRequests Off ProxySSLEngine On ProxyPass / https://appserver.domain.com ProxyPassReverse / https://appserver.domain.com ProxyPassReverseCookieDomain appserver.domain.com proxy.domain.com ProxyPassReverseCookiePath proxy.domain.com / </virtualhost> that is the example it is withn a --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
