httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Axel-Stephane SMORGRAV" <Axel-Stephane.SMORG...@europe.adp.com>
Subject RE: [users@httpd] Problems with ProxyPassReverseCookieDomain
Date Mon, 15 Oct 2007 13:31:00 GMT
Obviously the original poster has an application that only returns the domain part in the cookie
domain, hence the lack of rewriting despite ProxyPassReverseCookieDomain.

and no I do not make a habit of weeping over RFCs.


-ascs
____________________________________________
-----Message d'origine-----
De : solprovider@gmail.com [mailto:solprovider@gmail.com] De la part de solprovider@apache.org
Envoyé : lundi 15 octobre 2007 15:06
À : users@httpd.apache.org
Objet : Re: [users@httpd] Problems with ProxyPassReverseCookieDomain

Distinguishing between FQDN and Domain is barely relevant when discussing Cookies.  RFC2965
states, "Domain Defaults to the request-host."  Cookies default to using the FQDN as the Domain
if the Domain is not specified.  Specified domains must start with a period, must be exactly
one level below the server name, and are only returned to servers in the one level above the
period.  Read Section 3.3.2 and weep.  The drafters deliberately made Cookies as limited as
possible.
solprovider.com and www.solprovider.com cannot share Cookies even
though both addresses reach the same server.   Look at the Cookies in
your browser.  The server name will be part of the domain if no domain was specified (e. g.
www.cnn.com and www.networksolutions.com).

I wonder if the leading period is missing from "example.com".
".example.com" (leading period) would be sent to www.example.com and www1.example.com.  "example.com"
(no leading period) would only be sent to example.com.  Browsers should add the leading period
if domain is specified.

solprovider

On 10/15/07, Axel-Stephane  SMORGRAV
<Axel-Stephane.SMORGRAV@europe.adp.com> wrote:
> The behaviour observed by the original poster is correct: www.example.com is the host
FQDN - not the domain. The cookie _domain_ is example.com.
>
> A cookie which domain is example.com will be submitted by the UA to both www1.example.com
and www.example.com. The conclusion is that no rewriting of the cookie domain is required.
>
> However, the original poster states "it is named simply example.com" which makes me wonder
if he/she confuses the cookie name with its domain. In order to clear that up, it would be
nice to see a trace of the requests/responses between the UA and the reverse proxy.
>
>
> -ascs
>
> -----Message d'origine-----
> De : solprovider@gmail.com [mailto:solprovider@gmail.com] De la part 
> de solprovider@apache.org Envoyé : lundi 15 octobre 2007 10:11 À : 
> users@httpd.apache.org Objet : [users@httpd] RE: Problems with 
> ProxyPassReverseCookieDomain
>
> An "example.com" Cookie will be sent to www.example.com and www1.example.com.
>
> Questions for troubleshooting:
> Is www.example.com receiving the Cookie?  (Should be yes.) Is 
> www.example.com sending the Cookie when proxying to www1.example.com?  
> Is www1.example.com receiving the Cookie?  (Both should be yes, but 
> mod_proxy breaks in every other release.  This
> 2.2.1 changes state this issue was fixed.) Does the server software on 
> www1.example.com check the Domain field on incoming Cookies and ignore 
> Cookies from parent domains?  (Would mean overengineering. If the 
> Cookie arrives, use it.)
>
> When you write "parameters", do you mean HTTP Headers, QueryString 
> parameters, POST parameters, part of the URL, or something else?
>
> The parameters issue may require mod_rewrite.  Ttry this:
> RewriteEngine On
> RewriteRule ^/site/(.*)$ http://www1.example.com/$1 [P]
>
> solprovider
>
> ===
> From: Skiff Lad
> On: 20071002 14:59
> I seem to have a problem / misunderstanding regarding the use of the 
> ProxyPassReverseCookieDomain directive on 2.2.4 on Windows.
>
> I have www.example.com running 2.2.4. Within the httpd.conf file, I 
> have a number of redirect directive statements that send a user, based 
> on the URL, eg. www.example.com/site1 to www1.example.com etc. This 
> all works fine so that the user arrives on the www1 box and there is a 
> cookie correctly set with name www1.example.com
>
> It now transpires that I need to use ProxyPass to pass the parameters 
> coming in on the request to www.example.com onto www1.example.com - as 
> redirect doesn't send these initial parameters across.
>
> So, my httpd.conf file (on www.example.com) now looks like:
>
> ProxyPass /site1 http://www1.example.com ProxyPassReverse /site1 
> http://www1.example.com ProxyPassReverseCookieDomain www1.example.com 
> www.example.com
>
> But nothing seems to be happening. When I access 
> www.example.com/site1, there is a cookie correctly created (with the 
> right contents etc), however, it is named simply example.com, ie.
> there is no www. nor www1. prefixing - this breaks subsequent 
> processing on the www1.example.com box because there is no cookie 
> named accordingly.
>
> What am I doing wrong ? Do I need anything else ? Or am I being plain stupid ?
>
> Thanks
> Skiff

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message