httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject [Bug 57538] New: Serving cached cookie when mod_cache is enabled
Date Thu, 05 Feb 2015 05:54:02 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=57538

            Bug ID: 57538
           Summary: Serving cached cookie when mod_cache is enabled
           Product: Apache httpd-2
           Version: 2.2.29
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: critical
          Priority: P2
         Component: mod_cache
          Assignee: bugs@httpd.apache.org
          Reporter: mahi.babu@gmail.com

We have an application protected with Access Controls for authentication and
Single Sign-On. The Application is front ended by Apache 2.2.3 (64-bit) where
an agent is setup for access control.

We've enabled mod_cache to improve application performance and also configured
to ignore caching for Access Control cookies as they are used for Single Sign
On.  

However, apache is caching the cookies which can be seen under CacheRoot
directory. Also, while accessing an application, the Apache is flipping the
user's Access-Control Cookie (say user_1) with another Access-Control cached
cookie of another user (say user_2). 

We've set below mod_cache configuration in Apache configuration file so that
Apache should not cache Access-Control-Cookie, but it is not working

<IfModule cache_module>
    CacheRoot /opt/httpd/mod_cache
    CacheEnable disk /
   CacheStorePrivate On
    CacheIgnoreHeaders Set-Cookie Access-Control-Cookie
</IfModule>

Please let me know if this is a bug or i am missing something.

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message