www-apache-bugdb mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Patrick Feisthammel <pfeistham...@citrin.ch>
Subject mod_jserv/4325: ApJServSecretKey with virtual hosts not working in c-code of mod_jserv
Date Wed, 28 Apr 1999 17:32:56 GMT

>Number:         4325
>Category:       mod_jserv
>Synopsis:       ApJServSecretKey with virtual hosts not working in c-code of mod_jserv
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    jserv
>State:          open
>Class:          sw-bug
>Submitter-Id:   apache
>Arrival-Date:   Wed Apr 28 10:40:01 PDT 1999
>Last-Modified:
>Originator:     pfeisthammel@citrin.ch
>Organization:
apache
>Release:        1.3.6 + 1.0b3
>Environment:
Linux 2.2.5, java 1.1.7
>Description:
ApJServSecretKey is evaluated and used by the JVM but not by the apache server.
I startet with the same Secret key for all JVM, defined in the global section
of httpd.conf. This works.
I added the ApJServSecretKey directive (for another file) in a virtual host
section and modified the corresponding property file for the JVM. 
I restartet the JVM. As excpected the further requests failed because of 
authentication failure, because apache was still using the old secret.
Then I restarted apache by with kill -HUP. Now apache should use the new secret
for that virtual host, but it does not.
>How-To-Repeat:
Create a virtual host and a JVM for that virtual host. Try using them a 
common secret which is different from the global secret.
>Fix:
Correct the C-Code. For virtual hosts the Secret should be determined from 
the virtual host settings (if available).
>Audit-Trail:
>Unformatted:
[In order for any reply to be added to the PR database, ]
[you need to include <apbugs@Apache.Org> in the Cc line ]
[and leave the subject line UNCHANGED.  This is not done]
[automatically because of the potential for mail loops. ]
[If you do not include this Cc, your reply may be ig-   ]
[nored unless you are responding to an explicit request ]
[from a developer.                                      ]
[Reply only with text; DO NOT SEND ATTACHMENTS!         ]




Mime
View raw message