[Zope-CMF] CMF + Apache + VHM = lousy cookies...

Tres Seaver tseaver@zope.com
22 Apr 2002 10:30:05 -0400

On Mon, 2002-04-22 at 05:46, seb bacon wrote:
> Your first rewrite rule looks fine.
> I think your problem is a well-known (on this list, at least :) apache
> 1.3.12 (?) bug effecting cookies.  Search the lists for a reference. 
> The workaround is to change the name of the auth cookies in the
> cookiecrumbler.

Recent releases of Apache (1.3.23 & 1.3.24) swallow all but one cookie
from the origin server;  changing the cookie name *may* help, but only
because it changes the hash key.  Other workarounds include:

  - Don't set the persistent '__ac_name' cookie (only a convenience,
    not a necessity).

  - Downgrade apached to 1.3.22 until they manage to fix their bug.

Tres Seaver                                tseaver@zope.com
Zope Corporation      "Zope Dealers"       http://www.zope.com