>Number: 4325 >Category: mod_jserv >Synopsis: ApJServSecretKey with virtual hosts not working in c-code of >mod_jserv >Confidential: no >Severity: non-critical >Priority: medium >Responsible: jserv >State: open >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Wed Apr 28 10:40:01 PDT 1999 >Last-Modified: >Originator: [EMAIL PROTECTED] >Organization: apache >Release: 1.3.6 + 1.0b3 >Environment: Linux 2.2.5, java 1.1.7 >Description: ApJServSecretKey is evaluated and used by the JVM but not by the apache server. I startet with the same Secret key for all JVM, defined in the global section of httpd.conf. This works. I added the ApJServSecretKey directive (for another file) in a virtual host section and modified the corresponding property file for the JVM. I restartet the JVM. As excpected the further requests failed because of authentication failure, because apache was still using the old secret. Then I restarted apache by with kill -HUP. Now apache should use the new secret for that virtual host, but it does not. >How-To-Repeat: Create a virtual host and a JVM for that virtual host. Try using them a common secret which is different from the global secret. >Fix: Correct the C-Code. For virtual hosts the Secret should be determined from the virtual host settings (if available). >Audit-Trail: >Unformatted: [In order for any reply to be added to the PR database, ] [you need to include <[EMAIL PROTECTED]> in the Cc line ] [and leave the subject line UNCHANGED. This is not done] [automatically because of the potential for mail loops. ] [If you do not include this Cc, your reply may be ig- ] [nored unless you are responding to an explicit request ] [from a developer. ] [Reply only with text; DO NOT SEND ATTACHMENTS! ]
