For almost two months, I've been trying to resolve an issue through Red Hat Support for the Satellite 5.3 product. I'm hoping someone here can fill in the final pieces of the puzzle that I've put together on my own. We have a pair of Satellite servers, sharing a common Oracle database backend. The problem is, we can log into the Web GUI if we access the servers by their individual hostnames, i.e. https://satellite01.example.com or https://satellite02.example.com. For failover purposes, we have a CNAME that is updated to point to the primary or secondary server. Every time we try to access the CNAME, https://satellite.example.com, we are redirected to the login page, over and over again. All SSL certificates were re-generated with the CN=satellite.example.com.
The catalina.log outputs are identical, until I hit the following section: Here the AuthFilter accepts the hostname (https://satellite01.example.com) HTTP request: 2010-11-29 10:48:17,160 [TP-Processor3] DEBUG com.redhat.rhn.frontend.servlets.AuthFilter - ENTER AuthFilter.doFilter: 69.58.243.33 [Mon Nov 29 10:48:17 CST 2010] (/rhn/YourRhn.do) 2010-11-29 10:48:17,160 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() called with: web.allow_pxt_personalities 2010-11-29 10:48:17,160 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> Getting property: allow_pxt_personalities 2010-11-29 10:48:17,160 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> result: null 2010-11-29 10:48:17,160 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> returning: 0 2010-11-29 10:48:17,160 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() called with: web.session_secret_1 2010-11-29 10:48:17,160 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> Getting property: session_secret_1 2010-11-29 10:48:17,160 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> result: dc53916f7ea87d05837c13c3b73f108a 2010-11-29 10:48:17,160 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> returning: dc53916f7ea87d05837c13c3b73f108a 2010-11-29 10:48:17,160 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() called with: web.session_secret_2 2010-11-29 10:48:17,160 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> Getting property: session_secret_2 2010-11-29 10:48:17,160 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> result: 2b8eecf2f2a3e87a9c3ff6f9ed1046f7 2010-11-29 10:48:17,160 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> returning: 2b8eecf2f2a3e87a9c3ff6f9ed1046f7 2010-11-29 10:48:17,160 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() called with: web.session_secret_3 2010-11-29 10:48:17,160 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> Getting property: session_secret_3 2010-11-29 10:48:17,161 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> result: 7fbca0d06172b51b77fe78c083823cc1 2010-11-29 10:48:17,161 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> returning: 7fbca0d06172b51b77fe78c083823cc1 2010-11-29 10:48:17,161 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() called with: web.session_secret_4 2010-11-29 10:48:17,161 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> Getting property: session_secret_4 2010-11-29 10:48:17,161 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> result: fa5b2b5832d2d529ba780cde13f53e13 2010-11-29 10:48:17,161 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> returning: fa5b2b5832d2d529ba780cde13f53e13 2010-11-29 10:48:17,161 [TP-Processor3] DEBUG com.redhat.rhn.manager.session.SessionManager - recomputed [07902b01e3ffd5a734d599a849bbb54b] cookiekey [07902b01e3ffd5a734d599a849bbb54b] 2010-11-29 10:48:17,161 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() called with: web.session_database_lifetime 2010-11-29 10:48:17,161 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> Getting property: session_database_lifetime 2010-11-29 10:48:17,161 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> result: null 2010-11-29 10:48:17,161 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> returning: 3600 2010-11-29 10:48:17,161 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() called with: web.allow_pxt_personalities 2010-11-29 10:48:17,161 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> Getting property: allow_pxt_personalities 2010-11-29 10:48:17,161 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> result: null 2010-11-29 10:48:17,161 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> returning: 0 2010-11-29 10:48:17,161 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() called with: web.session_secret_1 2010-11-29 10:48:17,161 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> Getting property: session_secret_1 2010-11-29 10:48:17,161 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> result: dc53916f7ea87d05837c13c3b73f108a 2010-11-29 10:48:17,161 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> returning: dc53916f7ea87d05837c13c3b73f108a 2010-11-29 10:48:17,161 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() called with: web.session_secret_2 2010-11-29 10:48:17,162 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> Getting property: session_secret_2 2010-11-29 10:48:17,162 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> result: 2b8eecf2f2a3e87a9c3ff6f9ed1046f7 2010-11-29 10:48:17,162 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> returning: 2b8eecf2f2a3e87a9c3ff6f9ed1046f7 2010-11-29 10:48:17,162 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() called with: web.session_secret_3 2010-11-29 10:48:17,162 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> Getting property: session_secret_3 2010-11-29 10:48:17,162 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> result: 7fbca0d06172b51b77fe78c083823cc1 2010-11-29 10:48:17,162 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> returning: 7fbca0d06172b51b77fe78c083823cc1 2010-11-29 10:48:17,162 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() called with: web.session_secret_4 2010-11-29 10:48:17,162 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> Getting property: session_secret_4 2010-11-29 10:48:17,162 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> result: fa5b2b5832d2d529ba780cde13f53e13 2010-11-29 10:48:17,162 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> returning: fa5b2b5832d2d529ba780cde13f53e13 2010-11-29 10:48:17,162 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() called with: ssl_available 2010-11-29 10:48:17,162 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> Getting property: ssl_available 2010-11-29 10:48:17,162 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> result: null 2010-11-29 10:48:17,162 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> returning: 1 2010-11-29 10:48:17,162 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getBoolean() - ssl_available is : 1 2010-11-29 10:48:17,162 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getBoolean() - Returning true: 1 2010-11-29 10:48:17,162 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() called with: web.session_database_lifetime 2010-11-29 10:48:17,162 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> Getting property: session_database_lifetime 2010-11-29 10:48:17,162 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> result: null 2010-11-29 10:48:17,162 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> returning: 3600 2010-11-29 10:48:17,163 [TP-Processor3] DEBUG org.apache.struts.util.ModuleUtils - Get module name for path /YourRhn.do 2010-11-29 10:48:17,163 [TP-Processor3] DEBUG org.apache.struts.util.ModuleUtils - Module name found: default 2010-11-29 10:48:17,163 [TP-Processor3] DEBUG org.apache.struts.action.RequestProcessor - Processing a 'GET' for path '/YourRhn' 2010-11-29 10:48:17,163 [TP-Processor3] DEBUG org.apache.struts.action.RequestProcessor - Looking for Action instance for class com.redhat.rhn.frontend.action.YourRhnAction 2010-11-29 10:48:17,163 [TP-Processor3] DEBUG org.apache.struts.action.RequestProcessor - Creating new Action instance Here the AuthFilter doesn't accept the CNAME (https://satellite.example.com) HTTP request: 2010-11-29 10:41:39,473 [TP-Processor3] DEBUG com.redhat.rhn.frontend.servlets.AuthFilter - ENTER AuthFilter.doFilter: 69.58.243.33 [Mon Nov 29 10:41:39 CST 2010] (/rhn/YourRhn.do) 2010-11-29 10:41:39,474 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() called with: web.allow_pxt_personalities 2010-11-29 10:41:39,474 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> Getting property: allow_pxt_personalities 2010-11-29 10:41:39,474 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> result: null 2010-11-29 10:41:39,474 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> returning: 0 2010-11-29 10:41:39,474 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() called with: web.session_secret_1 2010-11-29 10:41:39,474 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> Getting property: session_secret_1 2010-11-29 10:41:39,474 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> result: dc53916f7ea87d05837c13c3b73f108a 2010-11-29 10:41:39,474 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> returning: dc53916f7ea87d05837c13c3b73f108a 2010-11-29 10:41:39,474 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() called with: web.session_secret_2 2010-11-29 10:41:39,474 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> Getting property: session_secret_2 2010-11-29 10:41:39,474 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> result: 2b8eecf2f2a3e87a9c3ff6f9ed1046f7 2010-11-29 10:41:39,474 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> returning: 2b8eecf2f2a3e87a9c3ff6f9ed1046f7 2010-11-29 10:41:39,474 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() called with: web.session_secret_3 2010-11-29 10:41:39,474 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> Getting property: session_secret_3 2010-11-29 10:41:39,474 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> result: 7fbca0d06172b51b77fe78c083823cc1 2010-11-29 10:41:39,474 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> returning: 7fbca0d06172b51b77fe78c083823cc1 2010-11-29 10:41:39,474 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() called with: web.session_secret_4 2010-11-29 10:41:39,474 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> Getting property: session_secret_4 2010-11-29 10:41:39,474 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> result: fa5b2b5832d2d529ba780cde13f53e13 2010-11-29 10:41:39,474 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> returning: fa5b2b5832d2d529ba780cde13f53e13 2010-11-29 10:41:39,474 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() called with: ssl_available 2010-11-29 10:41:39,474 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> Getting property: ssl_available 2010-11-29 10:41:39,474 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> result: null 2010-11-29 10:41:39,474 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> returning: 1 2010-11-29 10:41:39,474 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getBoolean() - ssl_available is : 1 2010-11-29 10:41:39,474 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getBoolean() - Returning true: 1 2010-11-29 10:41:39,474 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() called with: web.session_database_lifetime 2010-11-29 10:41:39,474 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> Getting property: session_database_lifetime 2010-11-29 10:41:39,474 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> result: null 2010-11-29 10:41:39,474 [TP-Processor3] DEBUG com.redhat.rhn.common.conf.Config - getString() - getString() -> returning: 3600 2010-11-29 10:41:39,475 [TP-Processor3] DEBUG org.apache.catalina.core.ApplicationDispatcher - servletPath=/ReLogin.do, pathInfo=null, queryString=null, name=null 2010-11-29 10:41:39,475 [TP-Processor3] DEBUG org.apache.catalina.core.ApplicationDispatcher - Path Based Forward 2010-11-29 10:41:39,475 [TP-Processor3] DEBUG org.apache.struts.util.ModuleUtils - Get module name for path /ReLogin.do 2010-11-29 10:41:39,475 [TP-Processor3] DEBUG org.apache.struts.util.ModuleUtils - Module name found: default 2010-11-29 10:41:39,475 [TP-Processor3] DEBUG org.apache.struts.action.RequestProcessor - Processing a 'GET' for path '/ReLogin' 2010-11-29 10:41:39,475 [TP-Processor3] DEBUG org.apache.struts.util.RequestUtils - Looking for ActionForm bean instance in scope 'request' under attribute key 'loginForm' 2010-11-29 10:41:39,475 [TP-Processor3] DEBUG org.apache.struts.util.RequestUtils - Creating new DynaActionForm instance of type 'org.apache.struts.action.DynaActionForm' 2010-11-29 10:41:39,475 [TP-Processor3] DEBUG org.apache.struts.util.RequestUtils - --> DynaActionForm[dynaClass=loginForm,username=,url_bounce=,password=] 2010-11-29 10:41:39,475 [TP-Processor3] DEBUG org.apache.struts.action.RequestProcessor - Storing ActionForm bean instance in scope 'request' under attribute key 'loginForm' 2010-11-29 10:41:39,475 [TP-Processor3] DEBUG org.apache.struts.action.RequestProcessor - Populating bean properties from this request 2010-11-29 10:41:39,476 [TP-Processor3] DEBUG org.apache.commons.beanutils.BeanUtils - BeanUtils.populate(DynaActionForm[dynaClass=loginForm,username=,url_bounce=,password=], {}) 2010-11-29 10:41:39,476 [TP-Processor3] DEBUG org.apache.struts.action.RequestProcessor - Validating input form properties 2010-11-29 10:41:39,476 [TP-Processor3] DEBUG org.apache.struts.action.RequestProcessor - No errors detected, accepting input What configuration file or database table contains the server's hostname which causes "authenticationService.validate((HttpServletRequest)request, (HttpServletResponse)response)" to either succeed or fail? Can I solve this with an Apache mod_rewrite rule? I noticed the latest version of AuthFilter has quite a bit more code surrounding the HTTP request validation, but I'm hoping I can get the Satellite 5.3 version working.
_______________________________________________ Spacewalk-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/spacewalk-list
