Pascal Schmiel a écrit : > Sylvain Beucler schrieb: >> Pascal Schmiel a écrit : >>> Wesley Craig schrieb: >>>> On 05 Feb 2008, at 04:42, Pascal Schmiel wrote: >>>>> [Tue Feb 05 08:37:31 2008] [error] [client 192.168.110.155] >>>>> cosign_choose_conn: some servers returned UNKNOWN, referer: >>>>> https://weblogin.local/cosign-bin/cosign.cgi?cosign-list=ql5SepDP9cLC9ebAj2pAv8JTJlAD9h-BVmds7+RdZC1TRY09xSPo9M0MOrK9eE6VMQJt6Glq31479rnXK25FdqiU90AYtNT6fzT5-zhZV914kecEiImQpxvaAQn-;&http://192.168.111.34/ >>>>> >>>>> >>>>> >>>>> Feb 5 08:37:31 Cosign_auth cosignd[684]: connect: 127.0.0.1 >>>>> Feb 5 08:37:31 Cosign_auth cosignd[684]: STARTTLS 127.0.0.1 2 cgi-1 >>>>> Feb 5 08:37:31 Cosign_auth cosignd[684]: LOGIN admin ldap >>>>> 192.168.110.155 >>>>> Feb 5 08:37:31 Cosign_auth cosignd[684]: REGISTER admin ldap >>>>> 192.168.110.155 cosign-list >>>>> >>>>> What exactly does this error mean and how can I fix it? >>>> It's a warning from the CGI. Assuming you have only one cosignd, it >>>> probably means that the browser had a cosign login cookie, but that >>>> cosignd didn't know about the cookie. If you have more than one >>>> cosignd, then another possibility is that the login cookie wasn't >>>> replicated. Does it appear to be working, otherwise? >>>> >>>> :wes >>> I have only one cosignd, and... no, it is not working... I have >>> really no idea whats wrong. >> >> Hi, >> >> I get this error all the time, but my setup works fine though. Should >> I worry? =) >> >> Pascal, maybe you could describe what otherwise happen during login, >> aside from the error in the Apache log (What makes you say it doesn't >> work? Do you get a 500 internal error from Apache? What is the URL >> when you get the error?...). >> >> Cheers, >> > I'm redirected back to my service URL (in my case http://portal.local) > and apache displays me an 503 "Service Temporarily Unavailable" error. > So i think cosignd and the authentication goes well but there is a > problem with the apache2 module. > If you say you get the error all the time but it is working, maybe my > 503 error is not related with the "UNKNWON" error in the logfile...
Probably not, indeed. > The vhost config for portal.local is as follows: > <VirtualHost *:80> > ServerName portal.local > > ErrorLog "/var/log/error.log" > CustomLog "/var/log/access.log" combined > > CosignProtected Off CosignHostname 127.0.0.1 Are those 2 parameters ^^^ really on the same line? > CosignPort 6663 > CosignRedirect https://weblogin.local/ > CosignPostErrorRedirect https://weblogin.local/cosign/post_error.html > CosignCrypto /etc/cosign/certs/mod_cosign.key > /etc/cosign/certs/mod_cosign.crt /etc/cosign/certs/CA > > CosignHttpOnly On > > DocumentRoot "/var/www" > <Directory "/var/www/"> > CosignProtected On > CosignService list > </Directory> > </VirtualHost> Is there something in /var/log/syslog ? That's where cosignd yells at you ;) I remember getting a 503 error in the setup phase, but I don't remember what it was about exactly. Be sure to test your SSL setup, maybe mod_cosign doesn't recognise your certificate. -- Sylvain ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Cosign-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/cosign-discuss
