[Zope-CMF] CMF + Apache + VHM = lousy cookies...

A.J. Rossini rossini@u.washington.edu
21 Apr 2002 23:20:58 -0700 

So, since others seem to be getting it right, what is the magic
incantation for getting CMF (and/or Plone, it's got the identical
problem) to send cookies back through an Apache/VHM combination?  I've
got a nice set of incantations for using Apache with mixed Zope/static
content, and it basically looks like (domain/ip address changed to
protect the innocent, though I should mention that the specific
implementation location is behind a firewall, not my 2 obvious Zope
sites...):

NameVirtualHost My.IP.Address.Here
#NameVirtualHost localhost
<VirtualHost www.mydomain.com>
  ServerName www.mydomain.com
  DocumentRoot /var/www
  <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteLog "/var/log/apache/rewrite_log"
    RewriteLogLevel 1
#   RewriteCond %{HTTP_HOST} ^.*:80$
    RewriteRule ^/local/ - [L]
    RewriteRule ^/icons/ - [L]
    RewriteRule ^/~(.*) - [L]
    RewriteRule ^/cgi-bin/ - [L]
    ProxyPass / http://localhost:9673/VirtualHostBase/http/www.mydomain.com:80/mydomain.com/VirtualHostRoot/
    ProxyPassReverse / http://localhost:9673/VirtualHostBase/http/www.mydomain.com:80/mydomain.com/VirtualHostRoot/
#    RewriteRule ^/(.*) http://localhost:9673/VirtualHostBase/http/www.mydomain.com:80/mydomain.com/VirtualHostRoot/$1 [P]
#    RewriteRule ^(.*)$ http://localhost:9673/VirtualHostBase/http/www.mydomain.com:80/mydomain.com/VirtualHostRoot/$1 [P,L,E=HTTP_CGI_AUTHORIZATION:%1]
#   RewriteRule ^/(.*) http://127.0.0.1:9673/VirtualHostBase/http/%{HTTP_HOST}/mydomain.com/$1 [L,P]
  </IfModule>
</VirtualHost>

where Apache serves "www.mydomain.com", the Zope content is in the
/mydomain.com  subobject, etc.    Most of my dynamic one-side code
works, i.e. non-authentication.

But authentication barfs royally...

I've tried all three VHM rewrite rules, and just tried the ProxyPass
alternative.  The cookies still are "wrong", though if I connect
locally (i.e. http://localhost:9673/mydomain.com/TestPortal)
everything "works" (i.e. I can get authenticated for the portal).

So, what am I missing?  Or should I just not worry about the redirect
through port 80, which is the "easy" working solution, sigh...?

I'd like to do this "cleanly" if possible.  Any thoughts, or
pointers to particular parts of the FM, if RTFM is suggested, would be
appreciated.

best,
-tony

-- 
A.J. Rossini				Rsrch. Asst. Prof. of Biostatistics
U. of Washington Biostatistics		rossini@u.washington.edu	
FHCRC/SCHARP/HIV Vaccine Trials Net	rossini@scharp.org
-------------- http://software.biostat.washington.edu/ ----------------
FHCRC: M-W: 206-667-7025 (fax=4812)|Voicemail is pretty sketchy/use Email
UW:   Th: 206-543-1044 (fax=3286)|Change last 4 digits of phone to FAX
(my friday location is usually completely unpredictable.)