PAPI Archivos

The PAPI authentication and authorization framework

PAPI@LISTSERV.REDIRIS.ES

Opciones: Vista Clásica

Use Monospaced Font
Por defecto enseñar Text Part
Esconda cabeceras de correo

Tema: [<< Primero] [< Prev] [Siguiente >] [Último >>]

Print Responder
Received: by LISTSERV.REDIRIS.ES (LISTSERV-TCP/IP release 14.5) with spool id 5957448 for [log in para visualizar]; Tue, 11 Nov 2008 18:39:57 +0100 from mail.rediris.es (ironport.rediris.es [192.187.16.16]) by listserv.rediris.es (Postfix) with ESMTP id B39C75C201 for <[log in para visualizar]>; Tue, 11 Nov 2008 18:29:55 +0100 (CET) from ovh.c17.es (HELO smtp.c17.net) ([91.121.10.19]) by mail.rediris.es with ESMTP; 11 Nov 2008 18:29:54 +0100 from localhost (localhost.localdomain [127.0.0.1]) by smtp.c17.net (Postfix) with ESMTP id 396AB1A2C00A for <[log in para visualizar]>; Tue, 11 Nov 2008 18:28:52 +0100 (CET) from smtp.c17.net ([127.0.0.1]) by localhost (ns23227.ovh.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rOJPm9E01bqR for <[log in para visualizar]>; Tue, 11 Nov 2008 18:28:45 +0100 (CET) from espinete.localnet (unknown [89.131.195.223]) by smtp.c17.net (Postfix) with ESMTP id 33B521A2C009 for <[log in para visualizar]>; Tue, 11 Nov 2008 18:28:45 +0100 (CET)
Content-Type: text/plain; charset="utf-8"
Date: Tue, 11 Nov 2008 18:29:31 +0100
X-IronPort-AV: E=Sophos;i="4.33,584,1220220000"; d="scan'208,217";a="45405633"
Reply-To: The PAPI authentication and authorization framework <[log in para visualizar]>
X-Virus-Scanned: Debian amavisd-new at c17.net
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
X-IronPort-Anti-Spam-Filtered: true
Sender: The PAPI authentication and authorization framework <[log in para visualizar]>
Content-Disposition: inline
Received-SPF: None identity=mailfrom; client-ip=91.121.10.19; receiver=mail.rediris.es; envelope-from="[log in para visualizar]"; x-sender="[log in para visualizar]"; x-conformance=spf_only
Emisor: Antonio José García Lagar <[log in para visualizar]>
User-Agent: KMail/1.10.1 (Linux/2.6.27-7-generic; KDE/4.1.2; i686; ; )
X-SBRS: 5.3
Organization: Compact Software International SA
X-IronPort-Anti-Spam-Result: Ao4BAF9QGUlbeQoTmWdsb2JhbACBdpI0AQEBAQEICwoHEa0MAYtKglsBew
Parts/Attachments: text/plain (70 lines)
Hola a todos.

Estoy intentando poner en marcha una infraestructura PAPI 1.5 y en principio 
he conseguido configurar correctamente tanto el AS como el PoA de forma que 
cuando completo el formulario de login, el listado de sitios disponibles me 
muestra correctamente el <Accept_File/> del PoA y puedo acceder sin problemas.

Pero al intentar hacer uso del la directiva <GPoA_URL>wayf:built-in</GPoA_URL> 
para que al intentar acceder al PoA, este me redirija el navegador hacia el 
AS, obtengo un error 403. El log de errores de apache es:

192.168.2.100 - - [11/Nov/2008:18:26:56 +0100] "GET /papi/index.html HTTP/1.1" 
302 359 "-" "Mozilla/5.0 (X11; U; Linux i686; es-ES; rv:1.9.0.3) 
Gecko/2008101315 Ubuntu/8.10 (intrepid) Firefox/3.0.3"
192.168.2.100 - - [11/Nov/2008:18:26:56 +0100] "GET 
/papi/PAPI/cookie_handler.cgi/PAPIASRedirector?PAPIPOAREF=12264244163334&PAPIPOAURL=http%3A%2F%2Fpoa1%2Epapi%2Ec17%2Enet%2Fpapi%2Findex%2Ehtml&ASID=C17AS 
HTTP/1.1" 302 - "-" "Mozilla/5.0 (X11; U; Linux i686; es-ES; rv:1.9.0.3) 
Gecko/2008101315 Ubuntu/8.10 (intrepid) Firefox/3.0.3"
192.168.2.100 - - [11/Nov/2008:18:26:56 +0100] "GET 
/papi/PAPI/cookie_handler.cgi/PAPIASRedirector?ATTREQ=PoAPrueba&PAPIPOAREF=12264244163334&PAPIPOAURL=http%3A%2F%2Fpoa1%2Epapi%2Ec17%2Enet%2Fpapi%2Findex%2Ehtml 
HTTP/1.1" 403 284 "-" "Mozilla/5.0 (X11; U; Linux i686; es-ES; rv:1.9.0.3) 
Gecko/2008101315 Ubuntu/8.10 (intrepid) Firefox/3.0.3"

Podríais ayudarme a localizar el error.
Muchas gracias a todos!!

Los ficheros de configuración del PoA son los siguientes:

poa.xml:
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE PAPI_Configuration SYSTEM "file://usr/local/PAPI/PoA/etc/poa.dtd">
<PAPI_Configuration>
    <Global>
        <Accept_File>/usr/local/PAPI/PoA/etc/images/image_ok.png</Accept_File>
        <Reject_File>/usr/local/PAPI/PoA/etc/images/image_nok.png</Reject_File>
        <Debug>1</Debug>
        <HKey>xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx</HKey>
        <LKey>xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx</LKey>
        <Pubkeys_Path>/usr/local/PAPI/PoA/etc</Pubkeys_Path>
        <Lcook_Timeout>18000</Lcook_Timeout>
        <CRC_Timeout>1800</CRC_Timeout>
        <URL_Timeout>1800</URL_Timeout>
        <PAPI_AS id="C17AS" url="http://papi.c17.net/cgi-bin/AuthServer">C17 
Papi AS</PAPI_AS>
    </Global>
    <Server name="poa1.papi.c17.net" port="80" independent="false">
        <Location path="/papi" id="PoAPrueba" filtered="true" 
independent="false">
            <Hcook_DB>/usr/local/PAPI/PoA/poa1.papi.c17.net/lib/hcookdb</Hcook_DB>
            <GPoA_URL>wayf:built-in</GPoA_URL>
            <Req_DB>/usr/local/PAPI/PoA/poa1.papi.c17.net/lib/requestdb</Req_DB>
        </Location>
    </Server>
</PAPI_Configuration>

virtualServer.conf:
<VirtualHost *:80>
  ServerAdmin [log in para visualizar]
  ServerName  poa1.papi.c17.net
  DocumentRoot /usr/local/PAPI/PoA/poa1.papi.c17.net/www
  ErrorLog  /usr/local/PAPI/PoA/poa1.papi.c17.net/log/error.log
  CustomLog /usr/local/PAPI/PoA/poa1.papi.c17.net/log/access.log combined
    <Location /papi>
        PerlSetVar          Service_ID PoAPrueba
        PerlOptions         +ParseHeaders
        SetHandler          perl-script
        PerlAccessHandler   PAPI::Main
    </Location>
</VirtualHost>

ATOM RSS1 RSS2