httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject DO NOT REPLY [Bug 47545] New: custom Cookie is not set in HTTP Headers while accessing a cached resource
Date Fri, 17 Jul 2009 07:17:10 GMT

           Summary: custom Cookie is not set in HTTP Headers  while
                    accessing a cached resource
           Product: Apache httpd-2
           Version: 2.0.63
          Platform: PC
        OS/Version: Windows 2000
            Status: NEW
          Severity: major
          Priority: P2
         Component: Core

We have a custom plugin which do Authentication and Authorization of user while
accessing the protected resource on 

webserver. After successful authentication of user the pluging sets a
"CustomeCookie"  which is later used for SSO.

Test Scenario:
1. Try to access a protected resource (http://localhost:port/test.html)
2. The plugin with capture the request and see that custom cookie is not
available, hence challenge the user for 

3. User Submits the credentials and the plugin creates the custom cookie and
set the same. (one can see the cookie 

using httpheader/liveheader).
4. Wait for the cookie expiration time (Cookie idle session time after which
the cookie is not valid and user is 

challenged again for credentials0 and the access the same resource . User will
be challenged as the cookie gets 

timeout and after user submits credentials  the plugin again set the custom
5.After successful re authentication the user is accessed to view the requested
resource , however the browser user 

the local copy of the page( as it get 304 response).
6. We could not see the "custom Cookie"  in browser in case if the resource is
cached in browser (We are using 

Mozilla), however if we clear the cache and re autheticate again we could see
the "Custom Cookie".

Note: The issue is not reproducible Internet Explorer.

Component version:
OS: Windows 2000
Apache WebServer: 2.0.63
Browser; Mozilla

Configure bugmail:
------- You are receiving this mail because: -------
You are the assignee for the bug.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message