Google "cookie path". The path specified in the cookie does not do you what you think.
Based on the one line of logging information provided, it is possible you're trying to access a cosign-protected portion of the web server insecurely, via http. The cookies, by default, are marked as secure and can only be sent over https. Since the IIS filter will never see the cookie from a request over http, it will redirect the user because it looks like they haven't logged in. You can try turning the secure flag off like this: <Cookie> <Secure>false</Secure> <HttpOnly>true</HttpOnly> </Cookie> See the example.cosign.dll.config to see exactly where to do this. Due to a 'feature', you need to specify both the <secure> and <httponly> options for this to work. Jarod On Thu, 30 Oct 2008 10:43:19 -0500, Wenzhuo Zhang <[EMAIL PROTECTED]> wrote: > Hi > > I think I find more detail about the problem. > When I run cosigndbg.dll I got following message in the log: > > Set-Cookie: > cosign-IISCosignDefault=XExAQs-J4ZUt56Yl4+9qRyxDccnZqqhnKxY3MkS7nPYcBjad9NEOQHSnIdcngMHZF-gZkrCW+y3jgjlCafd9WvZpe4vn-QDx09sE44RR8OsaxHGtFFusewST8BWu;path=/;secure > > It looks to me that when filter stores the service cookie, somehow > it can not find the path of the CookieDB folder. > I have made sure the permission is right. I even set everyone has > full control. But when I look at the CookieDB folder there is nothing. > > We are trying to testing our application on cosign, because one of > our client is using cosign.We really have a tight deadline. > Any help will be appreciated. > > Wenzhuo Zhang > > > Wenzhuo Zhang wrote: >> Hi >> I have installed a weblogin center cosign server on max os and >> an IIS cosign filter on windows server 2003. >> After authentication at cosign center server, IISCosignFilter >> will redirect to weblogin server again and ask to log in again. >> >> I got following message when I run cosignd in debug mode: >> >> >> debug: STARTTLS 2 >> debug: CHECK >> cosign=+c-xKCjKzi2xssa0iVemTtFVafT-yfI5tJRhVCYk15tN73p6EdeweeamzI4Q-iZ19xOtALaSoHDLM4WW-15Cb0mr5X6S0HJr-zNlFX5FfFDGyzjehY-9p6d2JyM8 >> debug: LOGIN >> cosign=+c-xKCjKzi2xssa0iVemTtFVafT-yfI5tJRhVCYk15tN73p6EdeweeamzI4Q-iZ19xOtALaSoHDLM4WW-15Cb0mr5X6S0HJr-zNlFX5FfFDGyzjehY-9p6d2JyM8 >> 192.168.0.22 t001 ldap >> debug: CHECK >> cosign=+c-xKCjKzi2xssa0iVemTtFVafT-yfI5tJRhVCYk15tN73p6EdeweeamzI4Q-iZ19xOtALaSoHDLM4WW-15Cb0mr5X6S0HJr-zNlFX5FfFDGyzjehY-9p6d2JyM8 >> debug: REGISTER >> cosign=+c-xKCjKzi2xssa0iVemTtFVafT-yfI5tJRhVCYk15tN73p6EdeweeamzI4Q-iZ19xOtALaSoHDLM4WW-15Cb0mr5X6S0HJr-zNlFX5FfFDGyzjehY-9p6d2JyM8 >> 192.168.0.22 >> cosign-IISCosignDefault=iMkYqSxGKaTVS6gBh01fPJw5iQSFm6HTMzHUQffTh8SraZ-ShdGGnxF6MP11IFtRyknBiGQX+yoZ2afm2E5laezyLHbLckl6xkDyBBqcAvejSVnY4A7jK0uo7r9l >> debug: STARTTLS 2 >> debug: CHECK >> cosign=+c-xKCjKzi2xssa0iVemTtFVafT-yfI5tJRhVCYk15tN73p6EdeweeamzI4Q-iZ19xOtALaSoHDLM4WW-15Cb0mr5X6S0HJr-zNlFX5FfFDGyzjehY-9p6d2JyM8 >> >> >> But in cosign filter logs I only have following: >> >> 10-29-2008 14:11:52 >> Starting Cosign Filter version 2.0.3 build 30 >> [10-29-2008 14:57:32] Unloading Cosign Filter. >> >> >> I saw something in cosign wiki mentioned about endless redirect. It >> says to enable cookies.I'm not sure what exactly it means. >> I'm just wondering if anyone knows about this problem, and how i can >> get more detail logs from IIS cosign filter. >> >> >> >> >> ------------------------------------------------------------------------- >> This SF.Net email is sponsored by the Moblin Your Move Developer's >> challenge >> Build the coolest Linux based applications with Moblin SDK & win great >> prizes >> Grand prize is a trip for two to an Open Source event anywhere in the >> world >> http://moblin-contest.org/redirect.php?banner_id=100&url=/ >> _______________________________________________ >> Cosign-discuss mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/cosign-discuss >> > > > ------------------------------------------------------------------------- > This SF.Net email is sponsored by the Moblin Your Move Developer's > challenge > Build the coolest Linux based applications with Moblin SDK & win great > prizes > Grand prize is a trip for two to an Open Source event anywhere in the world > http://moblin-contest.org/redirect.php?banner_id=100&url=/ > _______________________________________________ > Cosign-discuss mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/cosign-discuss > ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ Cosign-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/cosign-discuss
