Re: browser redirection loop

[Kris Steinhoff <steinhof@xxxxxxxxx>]

On Tue, Aug 16, 2005 at 08:19:43AM -0400, Kris Steinhoff wrote:
> Thanks Graeme, I'll start looking down those paths.
> 
> cheers
> -kris
> 
> On Tue, Aug 16, 2005 at 10:38:58AM +0100, Graeme Wood wrote:
> > On Mon, 15 Aug 2005, Kris Steinhoff wrote:
> > 
> > > Should there be files in /var/cosign/filter? Did I miss a step to
> > > populate that directory?
> > 
> > mod_cosign should write copies of the cookies it creates into that
> > directory.  If it isn't doing so, then it is either because it cannot
> > write into that directory, or it is unable to talk to the cosign server to
> > register a cookie.  The latter could be caused by an SSL failure, in which
> > case your apache logs on the cosign server and your web-server should tell
> > you. Alternatively, it may be some firewall between your server and the
> > cosign server that is preventing them from talking to one another.
> > 
> 

Turns out it was an SSL failure. Thanks, Graeme.

For those who might be interested, the solution to my problem with the
browser redirection loop was that the CN in my certificate didn't
share the same domain as the weblogin server. Not realizing that this
was a requirement, when I created the CSR I set the CN to "testing" or
something equally useless.

Thanks for the help and suggestions.
-kris

-- 
Kris Steinhoff
University of Michigan Health Service
Information Technology Services

Electronic mail is not secure, may not be read every day, 
and should not be used for urgent or sensitive issues.