Hello,
like Charles Villemure in the mail "Inifite loop with mod_sspi, mod_proxy and mod_rewrite" I have set up a proxy with single sign on.
I'm using mod_auth_kerb vor SSO and a glassfish in the backend.
Like Charles I have the rules:
> RewriteEngine On
> RewriteCond %{LA-U:REMOTE_USER} (.+)
> RewriteRule .* - [E=RU:%1,NS]
> RequestHeader set REMOTE_USER %{RU}e
> RequestHeader unset Authorization
The last line is needed, because during the negotiation process a GET request with a very large (>10kB) authorization header is getting through to the glassfish, which would deny such a big request.
No, every time, a user authenticates, my glassfish is receiving the same request twice!
My guess is, at first it's the authorization request, where the authorization part is filtered out by the unset operation. And the second is the true request after succellful authentication.
Is this right and if so, is there a way to prevent the double request?
Thanks in advance,
Martin Koerner
--
GRATIS für alle GMX-Mitglieder: Die maxdome Movie-FLAT!
Jetzt freischalten unter http://portal.gmx.net/de/go/maxdome01
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|