httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Whittington, Langdon E. (LNG-DAY)" <Langdon.E.Whitting...@lexisnexis.com>
Subject RE: [users@httpd] Apache 1.3.33 digest authentication nonce error
Date Thu, 18 Nov 2004 13:46:30 GMT
Here's the first part of what's logged when I start up and run apache.
Notice version 1.3.33.

[Tue Nov 16 12:57:06 2004] [notice] Apache/1.3.33 (Unix) configured --
resuming normal operations
[Tue Nov 16 12:57:06 2004] [notice] Accept mutex: fcntl (Default: fcntl)
[Tue Nov 16 12:57:41 2004] [error] [client 138.12.166.198] Client is using a
nonce which was not issued by this server for this context: /cgi-bin/te
st.cgi

For cgi access, the problem occurs just once in a while. For example, in the
browser if I refresh 10 times repeatedly I get the error perhaps once. Could
something be restarting in apache after so many accesses? I have
MaxRequestsPerChild set to 5000.

I have recompiled apache now to use mod_auth_digest and it does not exhibit
the problem.  I'll switch over to using mod_auth_digest.

Thanks for your help.

-----Original Message-----
From: Joe Orton [mailto:jorton@redhat.com] 
Sent: Wednesday, November 17, 2004 3:39 PM
To: Whittington, Langdon E. (LNG-DAY)
Cc: 'users@httpd.apache.org'
Subject: Re: [users@httpd] Apache 1.3.33 digest authentication nonce error

On Tue, Nov 16, 2004 at 01:21:52PM -0500, Whittington, Langdon E. (LNG-DAY)
wrote:
> I recently downloaded and compiled apache 1.3.33 on Solaris 9. 
> 
> I included mod_digest.c in the build. 
> 
> I get the following error when trying to access dynamic content (cgi):
> 
>             Client is using a nonce which was not issued by this server
for
> this context: /cgi-bin/test.cgi

There was a bug which caused this to occur regularly in 1.3.31, but it's
fixed in 1.3.32 and .33. Are you definitely using .33?

The message will occur even in .32 and .33 if:

1) you restart the server

2) the server is listening on multiple IP addresses e.g. using DNS
round-robin, and the client switches between IP addresses between
requests (perhaps unlikely)

But it doesn't sound like either of the above are true, and the fact
that it only occurs for CGI is weird, I can't think why that would be
so.

The code is a bit of a hack, as Joshua said you're better off using
mod_auth_digest which avoids the issue.

joe

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message