|
cosign-discuss at umich.edu |
| general discussion of cosign development and deployment | |
Testing out the POST error handling in the case where your session may have timed out and you get redirected back to the login server. Looks like the apache filter creates the redirect to https://weblogin.example.com/login/basicosign.cgi?https://weblogin.example.com/post_error.html=8ntlC3I......A9f4XtYVmg;&https://servicebox.example.com/cgi-bin/someform.cgi Normally you have ?cosign-servicename=COOKIE;&https://originalpage/ In this case the service part seems to be replaced by the post_error page, and so basicosign.cgi is showing an error with 'Unrecognized Service', rather than showing that post_error.html page. Here's the filter's Apache configuration: CosignService servicebox.example.com CosignCrypto /var/lib/cosign/ssl/key.pem /var/lib/cosign/ssl/cert.pem /var/lib/cosign/certs CosignHostname weblogin.example.com CosignRedirect https://weblogin.example.com/login/basicosign.cgi CosignPostErrorRedirect https://weblogin.example.com/post_error.html Any clues? -- Brian Hatch Arkansas: One Systems and Million People, Security Engineer Fifteen Last Names http://www.ifokr.org/bri/ Every message PGP signed
Attachment:
signature.asc
Description: Digital signature