This is part of The Pile, a partial archive of some open source mailing lists and newsgroups.
To: modperl@apache.org From: John Walstra <johnw@cnet.com> Subject: Apache::AuthCookie and SSL Date: Thu, 14 Dec 2000 11:10:29 -0600 I'm having the problem with being logged out then I switch to a secure document. I have to log back in to get to the page. And when I go from a SSL page to a plain page it logs me out again. Any advise? Apache/1.3.12 (Unix) mod_perl/1.24 mod_ssl/2.6.6 OpenSSL/0.9.5a Apache::AuthCookie is version 2.011 I'm also using Embperl v1.2.1 from .htaccess in the protected directories AuthType Apache::AuthCookieHandler AuthName Apollo PerlAuthenHandler Apache::AuthCookieHandler->authenticate PerlAuthzHandler Apache::AuthCookieHandler->authorize require valid-user from httpd.conf PerlModule Apache::AuthCookieHandler PerlSetVar ApolloPath / PerlSetVar ApolloLoginScript /Protected/Login/login.epl # This is the action of the login.epl script above. <Files LOGIN> AuthType Apache::AuthCookieHandler AuthName Apollo SetHandler perl-script PerlHandler Apache::AuthCookieHandler->login </Files> Thanks, John === To: johnw@cnet.com From: JR Mayberry <jr.mayberry@e-vend.net> Subject: Re: Apache::AuthCookie and SSL Date: Fri, 15 Dec 2000 12:55:31 -0500 might wanna modify the source to set the domain to .yourdomain.com, as its probably now being set as secure.yourdomain.com or www.yourdomain.com i have the same setup here, it works fine.. === To: johnw@cnet.com From: JR Mayberry <jr.mayberry@e-vend.net> Subject: Re: Apache::AuthCookie and SSL Date: Fri, 15 Dec 2000 12:56:46 -0500 actually you should be able to do a PerlSetVar to set that as well PetSetVar ApolloDomain .yourdomain.com i think will work === To: modperl@apache.org From: Vivek Khera <khera@kciLink.com> Subject: Re: Apache::AuthCookie and SSL Date: Fri, 15 Dec 2000 13:01:51 -0500 >>>>> "JW" == John Walstra <johnw@cnet.com> writes: JW> I'm having the problem with being logged out then I switch to a JW> secure document. I have to log back in to get to the page. And JW> when I go from a SSL page to a plain page it logs me out JW> again. Any advise? Figure out how to make your web browser send the cookie to both the SSL and non-SSL versions of your pages. You're not being logged out; the cookie just is not being sent to you. === To: modperl@apache.org From: Vivek Khera <khera@kciLink.com> Subject: Re: Apache::AuthCookie and SSL Date: Fri, 15 Dec 2000 13:03:16 -0500 >>>>> "JM" == JR Mayberry <jr.mayberry@e-vend.net> writes: JM> might wanna modify the source to set the domain to .yourdomain.com, as JM> its probably now being set as secure.yourdomain.com or JM> www.yourdomain.com no need to modify source to do that. AuthCookie has a config option to do it for you. ===