Hi everyone!
First, thanks for reading this.
Here is the situation:
Entrust (a provider of security solutions) offers Java-based security
applications for enterprises.
Their installer installs an own Java virtual machine for each application as
well as an own Tomcat (v 5.5.17)
As we are already running some self-developed servlets,
we wish to extract the server application and run it with our own JVM (6u1) and
Tomcat (6.0.10).
That's what we did: the servlets are up and running.
But we are apparently facing a problem regarding the cookie's value.
When I am running the ISAPI redirector in DEBUG mode, I get this:
[Fri May 04 17:59:08 2007] [1308:1988] [debug] jk_ajp_common.c (684): Header[3]
[Set-Cookie] =
[EntrustTruePassID="\"7.0|Y249U[...]PUx1ZnRoYW5zYSwgYz1kZQ==|1|2007-05-04
15:59:08 UTC|1200|50|-61|Qx2M2Q==|[...]3VmobNkg8j46JaoSkgMCTU=\"";
Domain=.blabla.com; Path=/; Secure]
The cookie's value is twice double quoted -> the inner double quotes have been
backslashed.
On a test server, with the native install of this application, the same log
entry looks like this:
[Fri May 04 15:57:29 2007] [1884:3676] [debug] jk_ajp_common.c (684): Header[3]
[Set-Cookie] = [EntrustTruePassID="7.[...]fDs==|1|2007-05-04 13:57:29
UTC|1200|50|0|Qx2M2Q==|[..]/d5wFNo145sdCJHdGXkayL8v3RFTSv2VT5Wvd6zixINFvHywI55zeDJq8len0=";
domain=.blabla.com; path=/; secure]
Because the cookie's value has been changed, the authentication process fails:
Fri May 04 17:59:09 2007 - WARNING -
[SessionValidationImpl::checkAuthentication()] - Auth cookie: Reporting Error:
TruePass: TPAuthCookie - Could not create the cookie using the cookie string
Line number: 253
File name: AuthCookie.cpp
caused by TruePass: TPAuthCookie - Could not validate the
authentication cookie
Line number: 976
File name: AuthCookie.cpp
caused by TruePass: TPAuthCookie - The authentication cookie string is
improperly formatted
Line number: 763
File name: AuthCookie.cpp
Before I give up, I would like to ask the specialists, if I am missing any
point here ;)
I read some posts about v0 cookies values problems
(http://issues.apache.org/bugzilla/show_bug.cgi?id=36863)
and I am wondering if it may also be a Tomcat problem here.
Tanks a lot for your time
Best regards
Valéry.
---------------------------------------------------------------------
To start a new topic, e-mail: [email protected]
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]