Re: Question about service cookie

[Kevin McGowan <clunis@xxxxxxxxx>]

On Sep 16, 2004, at 2:15 AM, ~{3B?u~} wrote:

> hi all,
>         I have installed the weblogin server on the host  
> "dev.trust.com",
> and deployed the cosign filter on the web server--"cosign.trust.com"  
> which
> need to be protected with cosign.
>         When I logged in the cosign.trust.com, as I had thought, my  
> request was
> redirected to the weblogin server--dev.trust.com, and the login form  
> with the
> hint "Authentication Required. You have not yet logged-in" was  
> displayed.
> Then I entered one user name and password and pressed the login  
> button, but
> it returned "Error: Cookies Required.This service requires that  
> cookies be
> enabled." But my cookie had been enabled.

I think Graeme's right;  one of the two cookies isn't being returned to  
the web server, and it looks like it is the cosign= or login cookie.

>         In the log file, there is :
> "192.168.0.169 - - [14/Sep/2004:00:55:51 +0800] "GET  
> /?cosign- 
> cosign@xxxxxxxxx=zhL9Tbs2UiFQdqCV5HNHzh24QC+3s4fAJ+q53t6jdNm5ShyQE7+pXv 
> lJiSYMiu5X5cikHRoQd79NzBLDny1Dr8BdEzT6YSueGYXzqeFW4-ry70ij4Gwa4d0- 
> Uq85;&https://cosign.trust.com:80/ HTTP/1.1" 200 4285

This is the request to the weblogin server that resulted in the login  
screen being displayed.

> 192.168.0.169 - - [14/Sep/2004:00:55:57 +0800] "POST / HTTP/1.1" 200  
> 1455"

This is you posting the login screen.  Do you have access to the logs  
on the service ( cosign.trust.com )?

What kind of web browser are you using?  You should see two cookies  
during this transaction:  the first one, from cosign.trust.com, is the  
service cookie and the second one, from the weblogin server,  
dev.trust.com, is the login cookie.  Did you accept both of these?

>       What's wrong? And who can give me some advice?
> chen

kevin