Checked them and limits are set to 8Kb and looking at the header
sizes they don't exceed that.
I did some other testing however and I don't think we are going
to like this...
I put back an old libproxy.so from our (working) version shipped
with apache 1.3.12 into apach 1.3.26. And when I sniff the whole
kit'n kaboodle again I don't see the cookie duplication! If I put
back the version of 1.3.26, I DO see cookie duplication!
Does anybody know what might cause this ? I know siteminder depends
on a patch which inserts an : ap_overlay_tables() statement which
is already in the version of 1.3.26. Has something been changed in
relation to passing headers to other modules ? Might this statement
now causing headers to be added twice ?
Dirk-Willem van Gulik wrote:
Be aware that it *is* possible to get SM to produce a cookie sooooo big
that it hits the 1024 (or wathever) single MIME line length limit of
and friends for more info.
On Thu, 29 Aug 2002, Martijn Schoemaker wrote:
> We use SM 4.51 and not yet the QMR4 web-agent. Will install
> and try this out right away. In any case, this does not seem
> to be a mod_proxy problem anyway. I did some more checking
> and the browser problems are probably caused by the Set-Cookie
> headers which are set multiple times. Also, the Cookies them-
> selves for the user that works are smaller that the ones for
> the user that don't work and this prolly gives strange effects
> in IE (who whould have guessed ? :))
> Anyway, this seems more like a SM/Cookie/RFC issue and has no
> further relation with mod_proxy.
> Thanks all who replied for the input, and if insights change
> y'all will hear from me :)
> Martijn Schoemaker
> P.S.: Does anyone know a browser-like test tool which handles
> SSL and shows the actual data including headers ? I might
> even build one myself, since debugging these issues is
> now quite a pain in the *ss. I know there is an SSL ca-
> pable wget, but it's pretty irritating with cookies etc.
> "Foust, Adam G." wrote:
> > We are beginning a Apache 1.3.26 reverse-proxy setup with SiteMinder. I have
> > not seen the double Set-Cookie strangeness. We are using SiteMinder 4.61
> > with the QMR4 apache webagent. I've observed some strange URL rewriting
> > issues involved with multi-domain sign-on and using cookie providers, but
> > nothing that can't be worked around.
> > Our setup is basically apache reverse-proxies (mod_proxy) behind F5
> > load-balancers. The reverse-proxies chain through intermediate firewalls
> > through another (forward) mod_proxy to backend DMZ servers.
> > I have been tracing HTTP headers and have not yet seen the behavior you
> > describe. Are you running SiteMinder 5.0?
> You have reached the end of the message.
> Press [t] to go to the top of this message, or [c] to close it.
-- You have reached the end of the message. Press [t] to go to the top of this message, or [c] to close it.