PAPI Archivos

The PAPI authentication and authorization framework


Opciones: Vista Forum

Use Monospaced Font
Por defecto enseñar Text Part
Mostrar todas las cabeceras de correo

Mensaje: [<< Primero] [< Prev] [Siguiente >] [Último >>]
Tema: [<< Primero] [< Prev] [Siguiente >] [Último >>]
Autor: [<< Primero] [< Prev] [Siguiente >] [Último >>]

Print Responder
12 Feb 2003 15:43:58 +0100
text/plain (52 lines)
[log in para visualizar] said:
> The 'AS is running under an apache2 server, with mod_ssl enabled, and
> PAPI 1.2.0. The machine is a Linux PC with Perl 5.8.0
> The PoA is running under apache1, with mod_perl installed, and
> PAPI-1.2.0. The machine is a Sun box with Perl 5.6.1 

Glad to know you are back to good old 5.6.1 ;-) Now, seriously: I have
been investigating the 5.8 problem you reported but have not found enough
time to test some ideas I have. By the way, in the process of looking for
information I have found something that could make possible to run PAPI
on an apache2 server without too much hassle. More on this in a week or

> Any thoughts?
> (I'm going bald due to the hair-pulling :) 

Don't despair. Your PAPI (did you know is a Spanish word you can translate
into "daddy"?) would not like you to get bald because of this...

I can see from the configuration you send that you are requesting cookies
for location /manual with service ID "manual" (as it is in your authentication
file) and trying to access a PoA at /manual with service ID "local".
This mismatch may cause this strange behavior, since I'm afraid the PoA
is going to get puzzled about the correct value to send. What amazes me is
that the PoA seems to be generating the cookies... it should not! (another
bug corrected for 1.2.1 Thanks!).

Second, I'm not sure about the mismatch beetween the Domain directive into
PAPI_Main and the URL you are using in the authentication file. Bear in
mind that your browser is perceiving it is going to connect to to get the access cookies and the server is
going to set the "domain" field in the cookies to "".
Even in the case they correspond to the same host, I'll bet the browser
will not install a cookie coming from as valid to
be sent back to And in the case it would install it,
I'm pretty sure it won't send the cookie back!

Hope this helps,

"Esta vez no fallaremos, Doctor Infierno"

Diego R. Lopez
[log in para visualizar]

The Spanish NREN
Tel:    +34 955 056 621
Mobile: +34 669 898 094