Hi ,
Im running trac 1.0.9 on FreeBSD behind a cosign auth.
I am getting lots and lots of 503 service unavailable errors.
I notice when I get them it looks like the authentication is not happening
, the username field should have the authenticated username and is not
being populated (see below)
128.91.196.14 - - [14/Sep/2016:16:53:43 +0000] "GET
/trac/chrome/common/css/trac.css HTTP/1.1" 503 299
128.91.196.14 - - [14/Sep/2016:16:53:43 +0000] "GET
/trac/chrome/common/css/wiki.css HTTP/1.1" 503 299
128.91.196.14 - - [14/Sep/2016:16:53:43 +0000] "GET
/trac/chrome/common/js/jquery.js HTTP/1.1" 503 299
128.91.196.14 - - [14/Sep/2016:16:53:43 +0000] "GET
/trac/chrome/common/js/trac.js HTTP/1.1" 503 299
128.91.196.14 - - [14/Sep/2016:16:53:43 +0000] "GET
/trac/chrome/common/js/search.js HTTP/1.1" 503 299
128.91.196.14 - username [14/Sep/2016:16:53:43 +0000] "GET
/trac/chrome/common/js/folding.js HTTP/1.1" 304 -
128.91.196.14 - - [14/Sep/2016:16:53:43 +0000] "GET
/trac/chrome/common/js/babel.js HTTP/1.1" 503 299
128.91.196.14 - username [14/Sep/2016:16:53:43 +0000] "GET
/trac/chrome/common/trac_logo_mini.png HTTP/1.1" 304 -
128.91.196.14 - - [14/Sep/2016:16:53:43 +0000] "GET
/trac/chrome/common/js/trac.js HTTP/1.1" 503 299
128.91.196.14 - username [14/Sep/2016:16:53:43 +0000] "GET
/trac/chrome/site/penn_fulllogo.gif HTTP/1.1" 200 4431
128.91.196.14 - - [14/Sep/2016:16:53:43 +0000] "GET
/trac/chrome/common/js/search.js HTTP/1.1" 503 299
128.91.196.14 - username [14/Sep/2016:16:53:44 +0000] "GET
/trac/chrome/common/trac.ico HTTP/1.1" 200 3638
128.91.196.14 - - [14/Sep/2016:16:54:18 +0000] "GET /trac/wiki HTTP/1.1"
503 299
I have attached my httpd.conf and vhost container wondereing if anything is
sticking out as being misconfigured
Mike
--
You received this message because you are subscribed to the Google Groups "Trac
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at https://groups.google.com/group/trac-users.
For more options, visit https://groups.google.com/d/optout.
<VirtualHost xxx.xxx.xxx.xxx:443>
ServerName REDACTED.edu
DocumentRoot /var/www/trac/htdocs
SSLEngine on
SSLCipherSuite RC4-SHA:AES128-SHA:HIGH:!aNULL:!MD5
SSLHonorCipherOrder on
################commented out to use default values GMS
5/5/16###############
#SSLProtocol +TLSv1.2
SSLCertificateFile "REDACTED"
SSLCertificateKeyFile "REDACTED"
SSLCACertificateFile "REDACTED"
#CosignProtected off
CosignProtected on
CosignHostname someprovider.com
CosignCheckIP never
CosignService REDACTED
CosignRedirect https://someprovider.com/login
CosignPostErrorRedirect https://someprovider.com/post_error.html
CosignFilterDB /var/cosign/filter
CosignCrypto REDACTED
CosignValidReference https://some\.provider\.com\/.*
CosignValidationErrorRedirect http://someprovider.com/_error.html
<IfModule reqtimeout_module>
RequestReadTimeout header=0
RequestReadTimeout body=0
</IfModule>
###commented out by gms 6/17/16
######Aded by GMS 6/17/16
<Directory "/var/www/trac/htdocs/site">
AuthType Cosign
CosignRequireFactor some_domain.edu
Require valid-user REDACTED
#Order allow,deny
#Allow from all
#Alias /trac/chrome/site /var/www/trac/htdocs/site
</Directory>
<Directory "/var/www/trac/htdocs">
AuthType Cosign
CosignRequireFactor some_domain.edu
Require valid-user REDACTED
#Order allow,deny
#Allow from all
</Directory>
<Directory "/var/www/trac/htdocs/common/css">
AuthType Cosign
CosignRequireFactor some_domain.edu
Require valid-user REDACTED
#Order allow,deny
#Allow from all
</Directory>
<Directory "/var/www/trac/htdocs/common">
AuthType Cosign
CosignRequireFactor some_domain.edu
Require valid-user REDACTED
#Order allow,deny
#Allow from all
</Directory>
<Directory "/var/www/trac/htdocs/prefs">
AuthType Cosign
CosignRequireFactor some_domain.edu
Require valid-user REDACTED
#Order allow,deny
#Allow from all
#Require host some_domain.edu
</Directory>
<Location "/">
AuthType Cosign
CosignRequireFactor some_domain.edu
Require valid-user REDACTED
</Location>
<Location "/trac/cosign/valid">
SetHandler cosign
#CosignProtected off
Allow from all
Satisfy any
</Location>
WSGIScriptAlias /trac /var/www/trac/cgi-bin/trac.wsgi
<Directory /var/www/trac/cgi-bin>
WSGIApplicationGroup %{GLOBAL}
#Order allow,deny
#Allow from all
Require all granted
</Directory>
Alias /trac/chrome/common /var/www/trac/htdocs/common
Alias /trac/chrome/site /var/www/trac/htdocs/site
#Added by GMS 5/3/2014 to fix the timeout specified has expired
errors
SetEnv nokeepalive ssl-unclean-shutdown
</VirtualHost>
ServerRoot "/usr/local"
#Disabled http GMS 2/26/16
#Listen 80
Listen 443
LoadModule authn_file_module libexec/apache24/mod_authn_file.so
LoadModule authn_core_module libexec/apache24/mod_authn_core.so
LoadModule authz_host_module libexec/apache24/mod_authz_host.so
LoadModule authz_groupfile_module libexec/apache24/mod_authz_groupfile.so
LoadModule authz_user_module libexec/apache24/mod_authz_user.so
LoadModule authz_core_module libexec/apache24/mod_authz_core.so
LoadModule access_compat_module libexec/apache24/mod_access_compat.so
LoadModule auth_basic_module libexec/apache24/mod_auth_basic.so
#LoadModule reqtimeout_module libexec/apache24/mod_reqtimeout.so
LoadModule filter_module libexec/apache24/mod_filter.so
LoadModule mime_module libexec/apache24/mod_mime.so
LoadModule log_config_module libexec/apache24/mod_log_config.so
LoadModule env_module libexec/apache24/mod_env.so
LoadModule headers_module libexec/apache24/mod_headers.so
LoadModule setenvif_module libexec/apache24/mod_setenvif.so
LoadModule version_module libexec/apache24/mod_version.so
LoadModule mpm_prefork_module libexec/apache24/mod_mpm_prefork.so
LoadModule unixd_module libexec/apache24/mod_unixd.so
LoadModule status_module libexec/apache24/mod_status.so
LoadModule autoindex_module libexec/apache24/mod_autoindex.so
<IfModule !mpm_prefork_module>
#LoadModule cgid_module libexec/apache24/mod_cgid.so
</IfModule>
<IfModule mpm_prefork_module>
StartServers 8
MinSpareServers 5
MaxSpareServers 20
ServerLimit 256
MaxClients 256
MaxRequestsPerChild 4000
#LoadModule cgi_module libexec/apache24/mod_cgi.so
</IfModule>
<IfModule reqtimeout_module>
##Added by GMS to prevent 500 timeout error 5/4/2016
RequestReadTimeout header=0
RequestReadTimeout body=0
#RequestReadTimeout header=20-60,minrate=100
</IfModule>
LoadModule dir_module libexec/apache24/mod_dir.so
LoadModule alias_module libexec/apache24/mod_alias.so
LoadModule php5_module libexec/apache24/libphp5.so
###############Added by GMS for wsgi support###################
LoadModule ssl_module libexec/apache24/mod_ssl.so
LoadModule wsgi_module libexec/apache24/mod_wsgi.so
LoadModule cosign_module libexec/apache24/mod_cosign.so
IncludeOptional etc/apache24/modules.d/[0-9][0-9][0-9]_*.conf
KeepAlive On
MaxKeepAliveRequests 100
#KeepAliveTimeout 5
KeepAliveTimeout 20
<IfModule unixd_module>
User www
Group www
</IfModule>
###############Added by GMS 5/5/2016###################
ServerAdmin [email protected]
#<Directory />
# AllowOverride none
# Require all denied
#</Directory>
##########Added by GMS 02/18/16###############
#DocumentRoot "/usr/local/www/mediawiki"
#<Directory "/usr/local/www/mediawiki">
# Options Indexes FollowSymLinks
# DirectoryIndex index.php
# AllowOverride None
# Order allow,deny
# Allow from all
#</Directory>
##########Added by GMS 02/18/16###############
<IfModule dir_module>
DirectoryIndex index.html
</IfModule>
<Files ".ht*">
Require all denied
</Files>
##########Added by GMS 02/18/16###############
<FilesMatch "\.php$">
SetHandler application/x-httpd-php
</FilesMatch>
<FilesMatch "\.phps$">
SetHandler application/x-httpd-php-source
</FilesMatch>
###############################################
ErrorLog "/var/log/httpd-error.log"
LogLevel debug
<IfModule log_config_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\""
combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
<IfModule logio_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"
%I %O" combinedio
</IfModule>
CustomLog "/var/log/httpd-access.log" common
</IfModule>
<IfModule alias_module>
ScriptAlias /cgi-bin/ "/usr/local/www/apache24/cgi-bin/"
</IfModule>
<IfModule cgid_module>
</IfModule>
<Directory "/usr/local/www/apache24/cgi-bin">
AllowOverride None
Options None
Require all granted
</Directory>
<IfModule mime_module>
TypesConfig etc/apache24/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
</IfModule>
<IfModule proxy_html_module>
Include etc/apache24/extra/proxy-html.conf
</IfModule>
<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>
##########Added by GMS 02/18/16###############
<IfModule php5_module>
DirectoryIndex index.php index.html
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
</IfModule>
##############################################
Include etc/apache24/Includes/*.conf
