Repeated use of non-existent cookie connection

29 views
Skip to first unread message

詹康宝

unread,
Aug 4, 2020, 5:22:32 AM8/4/20
to CAS Community

Hello~


There will be such a request every few seconds, and we have multiple services sharing a CAS authentication. Frequent calls will load CAS.


conf:
LogLevel Debug
CASDebug On
CASVersion 2
CASTimeout 14400
CASIdleTimeout 14400
CASCacheCleanInterval 10800
CASSSOEnabled On
CASCertificatePath /etc/httpd/conf.d/ssoruijienet.crt
CASCookiePath /var/cache/httpd/mod_auth_cas/
CASLoginURL https://sso.ruijie.net:8443/cas/login
CASValidateURL https://sso.ruijie.net:8443/cas/serviceValidate


apache error log:
[Tue Aug 04 17:06:00.572437 2020] [authz_core:debug] [pid 13677] mod_authz_core.c(809): [client 172.30.34.50:54348] AH01626: authorization result of Require valid-user : denied (no authenticated user yet), referer: http://gerrit.ruijie.work/dashboard/self
[Tue Aug 04 17:06:00.572480 2020] [authz_core:debug] [pid 13677] mod_authz_core.c(809): [client 172.30.34.50:54348] AH01626: authorization result of : denied (no authenticated user yet), referer: http://gerrit.ruijie.work/dashboard/self
[Tue Aug 04 17:06:00.572498 2020] [:debug] [pid 13677] mod_auth_cas.c(2058): [client 172.30.34.50:54348] Entering cas_authenticate(), referer: http://gerrit.ruijie.work/dashboard/self
[Tue Aug 04 17:06:00.572513 2020] [:debug] [pid 13677] mod_auth_cas.c(1655): [client 172.30.34.50:54348] entering isValidCASCookie(), referer: http://gerrit.ruijie.work/dashboard/self
[Tue Aug 04 17:06:00.572521 2020] [:debug] [pid 13677] mod_auth_cas.c(892): [client 172.30.34.50:54348] entering readCASCacheFile(), referer: http://gerrit.ruijie.work/dashboard/self
[Tue Aug 04 17:06:00.572561 2020] [:debug] [pid 13677] mod_auth_cas.c(926): [client 172.30.34.50:54348] Cache entry '21e53c7e3ef3e71df2badae91bcd2beb' could not be opened, referer: http://gerrit.ruijie.work/dashboard/self
[Tue Aug 04 17:06:00.572569 2020] [:debug] [pid 13677] mod_auth_cas.c(1660): [client 172.30.34.50:54348] Cookie '21e53c7e3ef3e71df2badae91bcd2beb' is corrupt or invalid, referer: http://gerrit.ruijie.work/dashboard/self
[Tue Aug 04 17:06:00.572591 2020] [:debug] [pid 13677] mod_auth_cas.c(580): [client 172.30.34.50:54348] CAS Service 'http%3a%2f%2fgerrit.ruijie.work%2faccounts%2fself%2fdetail', referer: http://gerrit.ruijie.work/dashboard/self
[Tue Aug 04 17:06:00.572621 2020] [:debug] [pid 13677] mod_auth_cas.c(528): [client 172.30.34.50:54348] entering getCASLoginURL(), referer: http://gerrit.ruijie.work/dashboard/self
[Tue Aug 04 17:06:00.572636 2020] [:debug] [pid 13677] mod_auth_cas.c(505): [client 172.30.34.50:54348] entering getCASGateway(), referer: http://gerrit.ruijie.work/dashboard/self
[Tue Aug 04 17:06:00.572643 2020] [:debug] [pid 13677] mod_auth_cas.c(595): [client 172.30.34.50:54348] entering redirectRequest(), referer: http://gerrit.ruijie.work/dashboard/self
[Tue Aug 04 17:06:00.572651 2020] [:debug] [pid 13677] mod_auth_cas.c(607): [client 172.30.34.50:54348] Adding outgoing header: Location: https://sso.ruijie.net:8443/cas/login?service=http%3a%2f%2fgerrit.ruijie.work%2faccounts%2fself%2fdetail, referer: http://gerrit.ruijie.work/dashboard/self
[Tue Aug 04 17:06:00.572660 2020] [:debug] [pid 13677] mod_auth_cas.c(761): [client 172.30.34.50:54348] entering setCASCookie(), referer: http://gerrit.ruijie.work/dashboard/self
[Tue Aug 04 17:06:00.572669 2020] [:debug] [pid 13677] mod_auth_cas.c(460): [client 172.30.34.50:54348] Determining CAS scope (path: /accounts/self/, CASScope: (null), CASRenew: (null), CASGateway: (null)), referer: http://gerrit.ruijie.work/dashboard/self
[Tue Aug 04 17:06:00.572682 2020] [:debug] [pid 13677] mod_auth_cas.c(807): [client 172.30.34.50:54348] Adding outgoing header: Set-Cookie: MOD_AUTH_CAS=;Path=/accounts/self/; HttpOnly; expires=Thu, 01 Jan 1970 00:00:00 GMT, referer: http://gerrit.ruijie.work/dashboard/self
[Tue Aug 04 17:06:00.582850 2020] [authz_core:debug] [pid 13677] mod_authz_core.c(809): [client 172.30.34.50:54348] AH01626: authorization result of Require valid-user : denied (no authenticated user yet), referer: http://gerrit.ruijie.work/dashboard/self
[Tue Aug 04 17:06:00.582875 2020] [authz_core:debug] [pid 13677] mod_authz_core.c(809): [client 172.30.34.50:54348] AH01626: authorization result of : denied (no authenticated user yet), referer: http://gerrit.ruijie.work/dashboard/self
[Tue Aug 04 17:06:00.582890 2020] [:debug] [pid 13677] mod_auth_cas.c(2058): [client 172.30.34.50:54348] Entering cas_authenticate(), referer: http://gerrit.ruijie.work/dashboard/self
[Tue Aug 04 17:06:00.582904 2020] [:debug] [pid 13677] mod_auth_cas.c(1655): [client 172.30.34.50:54348] entering isValidCASCookie(), referer: http://gerrit.ruijie.work/dashboard/self
[Tue Aug 04 17:06:00.582911 2020] [:debug] [pid 13677] mod_auth_cas.c(892): [client 172.30.34.50:54348] entering readCASCacheFile(), referer: http://gerrit.ruijie.work/dashboard/self
[Tue Aug 04 17:06:00.582946 2020] [:debug] [pid 13677] mod_auth_cas.c(926): [client 172.30.34.50:54348] Cache entry '21e53c7e3ef3e71df2badae91bcd2beb' could not be opened, referer: http://gerrit.ruijie.work/dashboard/self
[Tue Aug 04 17:06:00.582954 2020] [:debug] [pid 13677] mod_auth_cas.c(1660): [client 172.30.34.50:54348] Cookie '21e53c7e3ef3e71df2badae91bcd2beb' is corrupt or invalid, referer: http://gerrit.ruijie.work/dashboard/self
[Tue Aug 04 17:06:00.582974 2020] [:debug] [pid 13677] mod_auth_cas.c(580): [client 172.30.34.50:54348] CAS Service 'http%3a%2f%2fgerrit.ruijie.work%2faccounts%2fself%2fdetail', referer: http://gerrit.ruijie.work/dashboard/self
[Tue Aug 04 17:06:00.583008 2020] [:debug] [pid 13677] mod_auth_cas.c(528): [client 172.30.34.50:54348] entering getCASLoginURL(), referer: http://gerrit.ruijie.work/dashboard/self
[Tue Aug 04 17:06:00.583020 2020] [:debug] [pid 13677] mod_auth_cas.c(505): [client 172.30.34.50:54348] entering getCASGateway(), referer: http://gerrit.ruijie.work/dashboard/self
[Tue Aug 04 17:06:00.583034 2020] [:debug] [pid 13677] mod_auth_cas.c(595): [client 172.30.34.50:54348] entering redirectRequest(), referer: http://gerrit.ruijie.work/dashboard/self
[Tue Aug 04 17:06:00.583042 2020] [:debug] [pid 13677] mod_auth_cas.c(607): [client 172.30.34.50:54348] Adding outgoing header: Location: https://sso.ruijie.net:8443/cas/login?service=http%3a%2f%2fgerrit.ruijie.work%2faccounts%2fself%2fdetail, referer: http://gerrit.ruijie.work/dashboard/self
[Tue Aug 04 17:06:00.583050 2020] [:debug] [pid 13677] mod_auth_cas.c(761): [client 172.30.34.50:54348] entering setCASCookie(), referer: http://gerrit.ruijie.work/dashboard/self
[Tue Aug 04 17:06:00.583060 2020] [:debug] [pid 13677] mod_auth_cas.c(460): [client 172.30.34.50:54348] Determining CAS scope (path: /accounts/self/, CASScope: (null), CASRenew: (null), CASGateway: (null)), referer: http://gerrit.ruijie.work/dashboard/self
[Tue Aug 04 17:06:00.583072 2020] [:debug] [pid 13677] mod_auth_cas.c(807): [client 172.30.34.50:54348] Adding outgoing header: Set-Cookie: MOD_AUTH_CAS=;Path=/accounts/self/; HttpOnly; expires=Thu, 01 Jan 1970 00:00:00 GMT, referer: http://gerrit.ruijie.work/dashboard/self

詹康宝

unread,
Aug 5, 2020, 2:45:57 AM8/5/20
to CAS Community
Finally, by modifying the Location module of the http.conf file, the url was changed from / to /login to prevent these requests for frequent access authentication.

Is there a better solution?
Reply all
Reply to author
Forward
0 new messages