OK I have managed to fix this issue but thought I'd mention it here just in case someone makes the same mistake I did! Due to the way the cookie domain was set it didn’t have the multi . notation as per requirements so was failing as a consequence. -- Bill On Thu, 15 Aug 2019 at 15:39, Bill Moo <mookimoo73@xxxxxxxxx> wrote: > > Hello, > > I am using Apache 2.4.29 on Ubuntu 18.04 and I am migrating a site > that has a directory that was originally protected via login using my > own CGI. As part of this migration I have changed this to use dbd via > pgsql and this works as expected, prompting me to login when I request > the directory in the URL. > > My original CGI created JavaScript accessible cookies when the user > was authenticated as they are needed by the pages to work. According > to the documentation for mod_authn_dbd it says that additional columns > will be set as environment variables in the form of > AUTHENTICATE_COLUMN if httpd was built against APR 1.3.0+. > > However, I’ve made various attempts at doing this using RewriteCond > and RewriteRule but I never get a cookie set regardless of what I do, > nor do I get anything in the error log either, so I’m evidently doing > something wrong. > > I would appreciate it if you could tell me how I can set cookies on a > successful login please as I'm totally baffled. > > This is taken from my Directory element: > AuthDBDUserPWQuery "SELECT U.PassHash PassHash, U.ID UID, U.UID UUID, > U.GID UGID, U.UserName UserName, G.ID GID FROM Subscriber.Users U, > Sunscriber.Groups G WHERE ((U.GID = G.UID) AND (email = %s))" > RewriteEngine On > RewriteCond %{HTTP_COOKIE} ^!uid [NC] > RewriteRule ^(.)$ - [CO=uid:%{AUTHENTICATE_UUID}:.localhost:1:/:0:0] > > I have tried many a variation on the above but sadly for me nothing works. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx