Boyle Owen wrote:
-----Original Message-----From: Patrick Horgan [mailto:phorgan1@xxxxxxxxx] Sent: Wednesday, January 06, 2010 6:41 AMTo: users@xxxxxxxxxxxxxxxx Subject: Multiple ssh login promptsOn a site that I set up on fedora, https://ootbcomp.com, which brings you to a mediawiki installation, there are ten ssl login prompts each above the other, so if you log in to one of them, the next one down in the stack appears in my firefox browser. If I log in ten times I get the site, if I log in once and cancel the other nine I get one pane of the site and a refresh in the browser gets the whole site. After that I'm not prompted again unless I restart the browser of course. Does anyone have any idea what I did? I've never seen this behavior before. The system:How are your Basic Auth realms defined? Do you have a single realm with all content within? Or many parallel realms? Or nested realms?
Just one, set up in the Directory for wiki. Here's my ssl.conf LoadModule ssl_module modules/mod_ssl.so Listen 443 SSLPassPhraseDialog builtin SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000) SSLSessionCacheTimeout 300 SSLMutex default SSLRandomSeed startup file:/dev/urandom 256 SSLRandomSeed connect builtin SSLCryptoDevice builtin <VirtualHost _default_:443> DocumentRoot "/var/www/https" DefineExternalAuth pwauth pipe /usr/local/libexec/pwauth ErrorLog logs/ssl_error_log TransferLog logs/ssl_access_log LogLevel warn SSLEngine on SSLProtocol all -SSLv2 SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW SSLCertificateFile /etc/pki/tls/certs/ootbcomp.crt SSLCertificateKeyFile /etc/pki/tls/private/ootbcomp.key <Files ~ "\.(cgi|shtml|phtml|php3?)$"> SSLOptions +StdEnvVars </Files> <Directory "/var/www/https/"> Allow From All AuthBasicProvider external AuthBasicAuthoritative Off AuthType Basic AuthName "Password Required" AuthExternal pwauth Options FollowSymLinks Require valid-user </Directory> <Directory "/var/www/https/cgi-bin"> SSLOptions +StdEnvVars </Directory> Include /etc/httpd/conf.d/mailman.conf SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 CustomLog logs/ssl_request_log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" ScriptAlias /cgi-bin "/var/www/https/cgi-bin/" Include /etc/httpd/conf.d/millwiki.include </VirtualHost>It includes inside the virtual host the mailman configuration and the wiki configuration.
Here's the mailman.conf: ScriptAlias /mailman/ /usr/lib/mailman/cgi-bin/ <Directory /usr/lib/mailman/cgi-bin/> AllowOverride None Options ExecCGI Order allow,deny Allow from all </Directory> Alias /pipermail/ /var/lib/mailman/archives/public/ <Directory /var/lib/mailman/archives/public> Options Indexes MultiViews FollowSymLinks AllowOverride None Order allow,deny Allow from all AddDefaultCharset Off </Directory> RedirectMatch ^/mailman[/]*$ http://s2.ootbcomp.com/mailman/listinfo and here's the millwiki.conf Alias /wiki /home/ootbc/site/https/htdocs/mediawiki/index.php Alias /index.php /home/ootbc/site/https/htdocs/mediawiki/index.php <Directory "/home/ootbc/site/https/htdocs/mediawiki"> Options Indexes MultiViews FollowSymLinks AllowOverride None Order allow,deny Allow from all </Directory> <Directory "/home/ootbc/site/https/htdocs/mediawiki/upload"> AllowOverride None AddType text/plain .html .htm .shtml </Directory> <Directory /home/ootbc/site/https/htdocs/mediawiki/config> Options -FollowSymLinks AllowOverride None </Directory> <Directory /home/ootbc/site/https/htdocs/mediawiki/images> Options -FollowSymLinks AllowOverride None </Directory> RewriteEngine onRewriteRule ^/wiki/en/(.*)$ /home/ootbc/site/https/htdocs/mediawiki/wiki.phtml?title=$1
The wiki seems to only use relative for it's content, certainly so for this initial load. The gets upon connecting unauthenticated (from ssl_request_log) are:You mention "panes" so I guess that components of the site are loaded with dojo ContentPanes or iframes or similar? If so, how do the hrefs look? Do they have absolute URLs (href="https://ootbcomp.com/path/to/content") or relative links (href="/path/to/content")?
99.61.74.22 - - [06/Jan/2010:09:52:12 -0800] "GET /wiki/Main_Page HTTP/1.1" 200 7309 99.61.74.22 - - [06/Jan/2010:09:52:24 -0800] "GET /mediawiki/index.php?title=MediaWiki:Monobook.css&usemsgcache=yes&ctype=text%2Fcss&smaxage=18000&action=raw&maxage=18000 HTTP/1.1" 401 480 99.61.74.22 - - [06/Jan/2010:09:52:28 -0800] "GET /mediawiki/skins/common/shared.css?207 HTTP/1.1" 401 480 99.61.74.22 - - [06/Jan/2010:09:52:34 -0800] "GET /mediawiki/skins/common/commonPrint.css?207 HTTP/1.1" 401 480 99.61.74.22 - - [06/Jan/2010:09:52:38 -0800] "GET /mediawiki/index.php?title=-&action=raw&maxage=18000&gen=css HTTP/1.1" 401 480 99.61.74.22 - - [06/Jan/2010:09:52:40 -0800] "GET /mediawiki/skins/monobook/main.css?207 HTTP/1.1" 401 480 99.61.74.22 - - [06/Jan/2010:09:52:40 -0800] "GET /mediawiki/skins/common/ajax.js?207 HTTP/1.1" 401 480 99.61.74.22 - - [06/Jan/2010:09:52:42 -0800] "GET /mediawiki/skins/common/wikibits.js?207 HTTP/1.1" 401 480 99.61.74.22 - - [06/Jan/2010:09:52:42 -0800] "GET /mediawiki/index.php?title=-&action=raw&gen=js&useskin=monobook HTTP/1.1" 401 480 99.61.74.22 - - [06/Jan/2010:09:52:42 -0800] "GET /mediawiki/index.php?title=MediaWiki:Common.css&usemsgcache=yes&ctype=text%2Fcss&smaxage=18000&action=raw&maxage=18000 HTTP/1.1" 401 480 99.61.74.22 - - [06/Jan/2010:09:52:43 -0800] "GET /favicon.ico HTTP/1.1" 401 480 99.61.74.22 - - [06/Jan/2010:09:52:46 -0800] "GET /mediawiki/index.php?title=MediaWiki:Print.css&usemsgcache=yes&ctype=text%2Fcss&smaxage=18000&action=raw&maxage=18000 HTTP/1.1" 401 480
You see that there are 13 of them for which I receive 10 requests for username and password.
Patrick --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx