-
Notifications
You must be signed in to change notification settings - Fork 40
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Provide alternative to mod_session #142
Comments
In general I'm okay with this, but: have we talked to the mod_session folks about these problems at all? Even if we re-implement, they should at least be aware of the issues. |
the double cookie bug is there since ages, to me it seem mod_session is kinda abandoned, but if you can find a contact please do. |
I can't even get it to work..
and if I do, I get this instead; |
this is unrelated, Sessions do work, they just have some annying side effect |
Regarding my comment, sessions do work for me now. |
How this should work? I have setup as in example: I see that KDC is contacted on every page reload (using tcpdump), krb ticket is regenerated on every page reload. I saw the bug with double cookies: Unfortunately, this did not land in Centos 8 yet, so I patched mod_session by myself. But I'm still getting: |
On an unrelated, but yet somewhat related note - while it's totally doable compiling and using this module for Oracle's HTTP Server, there's no working way that we have found to cross-compile the mod_sessions modules from httpd source to work with OHS and without that, the module seems literally unusable as the site becomes very sluggish, having to bomard KDC |
mod_session is turning out to cause more issues than it resolves, from adding arbitrary data to a cookie, to double cookies being sent to clients, and other issues worked around previously (like bad use of encryption without authentication).
it's probably worth looking into providing a custom alternative instead, generating and parsing cookies we generated is not that hard after all.
The text was updated successfully, but these errors were encountered: