Boyle Owen wrote:
-----Original Message-----From: Patrick Horgan [mailto:phorgan1@xxxxxxxxx] Sent: Wednesday, January 06, 2010 6:41 AMTo: users@xxxxxxxxxxxxxxxx Subject: Multiple ssh login promptsOn a site that I set up on fedora, https://ootbcomp.com, which brings you to a mediawiki installation, there are ten ssl login prompts each above the other, so if you log in to one of them, the next one down in the stack appears in my firefox browser. If I log in ten times I get the site, if I log in once and cancel the other nine I get one pane of the site and a refresh in the browser gets the whole site. After that I'm not prompted again unless I restart the browser of course. Does anyone have any idea what I did? I've never seen this behavior before. The system:How are your Basic Auth realms defined? Do you have a single realm with all content within? Or many parallel realms? Or nested realms?
Just one, set up in the Directory for wiki. Here's my ssl.conf
LoadModule ssl_module modules/mod_ssl.so
Listen 443
SSLPassPhraseDialog builtin
SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000)
SSLSessionCacheTimeout 300
SSLMutex default
SSLRandomSeed startup file:/dev/urandom 256
SSLRandomSeed connect builtin
SSLCryptoDevice builtin
<VirtualHost _default_:443>
DocumentRoot "/var/www/https"
DefineExternalAuth pwauth pipe /usr/local/libexec/pwauth
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
SSLCertificateFile /etc/pki/tls/certs/ootbcomp.crt
SSLCertificateKeyFile /etc/pki/tls/private/ootbcomp.key
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/https/">
Allow From All
AuthBasicProvider external
AuthBasicAuthoritative Off
AuthType Basic
AuthName "Password Required"
AuthExternal pwauth
Options FollowSymLinks
Require valid-user
</Directory>
<Directory "/var/www/https/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
Include /etc/httpd/conf.d/mailman.conf
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
ScriptAlias /cgi-bin "/var/www/https/cgi-bin/"
Include /etc/httpd/conf.d/millwiki.include
</VirtualHost>
It includes inside the virtual host the mailman configuration and the
wiki configuration.
Here's the mailman.conf:
ScriptAlias /mailman/ /usr/lib/mailman/cgi-bin/
<Directory /usr/lib/mailman/cgi-bin/>
AllowOverride None
Options ExecCGI
Order allow,deny
Allow from all
</Directory>
Alias /pipermail/ /var/lib/mailman/archives/public/
<Directory /var/lib/mailman/archives/public>
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
AddDefaultCharset Off
</Directory>
RedirectMatch ^/mailman[/]*$ http://s2.ootbcomp.com/mailman/listinfo
and here's the millwiki.conf
Alias /wiki /home/ootbc/site/https/htdocs/mediawiki/index.php
Alias /index.php /home/ootbc/site/https/htdocs/mediawiki/index.php
<Directory "/home/ootbc/site/https/htdocs/mediawiki">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
<Directory "/home/ootbc/site/https/htdocs/mediawiki/upload">
AllowOverride None
AddType text/plain .html .htm .shtml
</Directory>
<Directory /home/ootbc/site/https/htdocs/mediawiki/config>
Options -FollowSymLinks
AllowOverride None
</Directory>
<Directory /home/ootbc/site/https/htdocs/mediawiki/images>
Options -FollowSymLinks
AllowOverride None
</Directory>
RewriteEngine on
RewriteRule ^/wiki/en/(.*)$
/home/ootbc/site/https/htdocs/mediawiki/wiki.phtml?title=$1
The wiki seems to only use relative for it's content, certainly so for this initial load. The gets upon connecting unauthenticated (from ssl_request_log) are:You mention "panes" so I guess that components of the site are loaded with dojo ContentPanes or iframes or similar? If so, how do the hrefs look? Do they have absolute URLs (href="https://ootbcomp.com/path/to/content";) or relative links (href="/path/to/content")?
99.61.74.22 - - [06/Jan/2010:09:52:12 -0800] "GET /wiki/Main_Page HTTP/1.1" 200 7309 99.61.74.22 - - [06/Jan/2010:09:52:24 -0800] "GET /mediawiki/index.php?title=MediaWiki:Monobook.css&usemsgcache=yes&ctype=text%2Fcss&smaxage=18000&action=raw&maxage=18000 HTTP/1.1" 401 480 99.61.74.22 - - [06/Jan/2010:09:52:28 -0800] "GET /mediawiki/skins/common/shared.css?207 HTTP/1.1" 401 480 99.61.74.22 - - [06/Jan/2010:09:52:34 -0800] "GET /mediawiki/skins/common/commonPrint.css?207 HTTP/1.1" 401 480 99.61.74.22 - - [06/Jan/2010:09:52:38 -0800] "GET /mediawiki/index.php?title=-&action=raw&maxage=18000&gen=css HTTP/1.1" 401 480 99.61.74.22 - - [06/Jan/2010:09:52:40 -0800] "GET /mediawiki/skins/monobook/main.css?207 HTTP/1.1" 401 480 99.61.74.22 - - [06/Jan/2010:09:52:40 -0800] "GET /mediawiki/skins/common/ajax.js?207 HTTP/1.1" 401 480 99.61.74.22 - - [06/Jan/2010:09:52:42 -0800] "GET /mediawiki/skins/common/wikibits.js?207 HTTP/1.1" 401 480 99.61.74.22 - - [06/Jan/2010:09:52:42 -0800] "GET /mediawiki/index.php?title=-&action=raw&gen=js&useskin=monobook HTTP/1.1" 401 480 99.61.74.22 - - [06/Jan/2010:09:52:42 -0800] "GET /mediawiki/index.php?title=MediaWiki:Common.css&usemsgcache=yes&ctype=text%2Fcss&smaxage=18000&action=raw&maxage=18000 HTTP/1.1" 401 480 99.61.74.22 - - [06/Jan/2010:09:52:43 -0800] "GET /favicon.ico HTTP/1.1" 401 480 99.61.74.22 - - [06/Jan/2010:09:52:46 -0800] "GET /mediawiki/index.php?title=MediaWiki:Print.css&usemsgcache=yes&ctype=text%2Fcss&smaxage=18000&action=raw&maxage=18000 HTTP/1.1" 401 480
You see that there are 13 of them for which I receive 10 requests for username and password.
Patrick --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|