[Zope] Cookie Authentication problem (__ac)

Marc O. Sandlus Marc.O.Sandlus@ruhr-uni-bochum.de
10 Apr 2002 02:46:11 +0200


Hello,

Zope's cookie authentication does not work with Zope running "behind"
apache, while it works when Zope gets accessed directly.

Zope is running on port 9673, apache on port 80, with this RewriteRule
in httpd.conf and a VirtualHostMonster in Zope's root directory:

RewriteRule ^/mydir(.*)
http://localhost:9673/VirtualHostBase/http/myserver:80/mydir$1 [P]

So Authentication works if I use the following "direct" access method of
Zope's Login Form:
http://myserver:9673/mydir/login_form
while this doesn't work:
http://myserver/mydir/login_form

What "doesn't work" means:
In both cases I get a positive response from Zope (Authentication
succeeded) after posting the login form. However, in the latter case the
authenticated user becomes the "Anonymous User" again when I load a
different URL, which basically means that authentication doesn't took
place. 

What I found out is that the cookie "__ac" doesn't get set in the latter
case, while the cookie "__ac_name" gets set in both cases.

That's weird and I wonder if anybody could explain why.

Thanks in advance,
Marc