On Jan 24, 2007, at 11:00 AM, Wm.A.Stafford wrote:
A bit more info has emerged, the admin believes the Apache version is 1.3.20.
Running httpd -v will take away any shred of doubt.
I'll see if there is any interest in moving to the latest Apache but at this point I think that is probably not an option because there are a lot of other users of this system and they would all have to buy in. So I will need to proceed with configuration of the existing version.
Apache has made great strides since 1.3.20. For starters, any 1.3 version after that contains security fixes that you might want. As no other changes are made to that branch, an upgrade should not cause you any problems.
The proxy module that came with Apache 1.3 did not have the ProxyReverseCookiePath directive that I talked about earlier. See
http://httpd.apache.org/docs/1.3/mod/mod_proxy.html for documentation on the 1.3 mod_proxy module.Before we make any more guesses about the nature of your problem, I would like to learn from you whether the Cookie path mismatch is actually causing your issue. Could you run the following test on your application:
1) Clear your browser cache and cookie store 2) Connect to your application through the Apache proxy and log in 3) Go back to your cookie store, see if anything emerged and send us thecontents of any JSESSIONID cookies. Feel free to obfuscate as you see fit, as long as we have enough information to work with (domain and path
are of paramount interest, as well as the complete URL you used to access your application in step 2. Thanks, S. -- sctemme@xxxxxxxxxx http://www.temme.net/sander/ PGP FP: 51B4 8727 466A 0BC3 69F4 B7B8 B2BE BC40 1529 24AF
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
|