You may want to move this to [email protected] - this sure sounds like something in the core being the issue.
DW. On Fri, 30 Aug 2002, Martijn Schoemaker wrote: > Hi, > > Checked them and limits are set to 8Kb and looking at the header > sizes they don't exceed that. > > I did some other testing however and I don't think we are going > to like this... > > I put back an old libproxy.so from our (working) version shipped > with apache 1.3.12 into apach 1.3.26. And when I sniff the whole > kit'n kaboodle again I don't see the cookie duplication! If I put > back the version of 1.3.26, I DO see cookie duplication! > > Does anybody know what might cause this ? I know siteminder depends > on a patch which inserts an : ap_overlay_tables() statement which > is already in the version of 1.3.26. Has something been changed in > relation to passing headers to other modules ? Might this statement > now causing headers to be added twice ? > > Cheers, > Martijn Schoemaker > > Dirk-Willem van Gulik wrote: > > > Be aware that it *is* possible to get SM to produce a cookie sooooo big > > that it hits the 1024 (or wathever) single MIME line length limit of > > apache. See > > > > LimitRequestLine (http_core.c) > > LimitRequestFieldsize (http_core.c) > > > > and friends for more info. > > > > Dw. > > > > On Thu, 29 Aug 2002, Martijn Schoemaker wrote: > > > > > Hi, > > > > > > We use SM 4.51 and not yet the QMR4 web-agent. Will install > > > and try this out right away. In any case, this does not seem > > > to be a mod_proxy problem anyway. I did some more checking > > > and the browser problems are probably caused by the Set-Cookie > > > headers which are set multiple times. Also, the Cookies them- > > > selves for the user that works are smaller that the ones for > > > the user that don't work and this prolly gives strange effects > > > in IE (who whould have guessed ? :)) > > > > > > Anyway, this seems more like a SM/Cookie/RFC issue and has no > > > further relation with mod_proxy. > > > > > > Thanks all who replied for the input, and if insights change > > > y'all will hear from me :) > > > > > > Greetings, > > > Martijn Schoemaker > > > > > > P.S.: Does anyone know a browser-like test tool which handles > > > SSL and shows the actual data including headers ? I might > > > even build one myself, since debugging these issues is > > > now quite a pain in the *ss. I know there is an SSL ca- > > > pable wget, but it's pretty irritating with cookies etc. > > > > > > "Foust, Adam G." wrote: > > > > > > > We are beginning a Apache 1.3.26 reverse-proxy setup with SiteMinder. I > > > > have > > > > not seen the double Set-Cookie strangeness. We are using SiteMinder 4.61 > > > > with the QMR4 apache webagent. I've observed some strange URL rewriting > > > > issues involved with multi-domain sign-on and using cookie providers, > > > > but > > > > nothing that can't be worked around. > > > > > > > > Our setup is basically apache reverse-proxies (mod_proxy) behind F5 > > > > load-balancers. The reverse-proxies chain through intermediate firewalls > > > > through another (forward) mod_proxy to backend DMZ servers. > > > > > > > > I have been tracing HTTP headers and have not yet seen the behavior you > > > > describe. Are you running SiteMinder 5.0? > > > > > > > > > > -- > > > You have reached the end of the message. > > > Press [t] to go to the top of this message, or [c] to close it. > > > > > > > > > > > > > > -- > You have reached the end of the message. > Press [t] to go to the top of this message, or [c] to close it. > > >
