Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

Unexpected XML Error

Education Center mailbox030403 at mail.ru
Thu Feb 1 23:45:02 PST 2007


Hi!
Trying to make test environment with webauth and webkdc I got several errors that I was tring to fix checking manuals but was unsuccessfull. Please help if possible. 

Some addtional info about environment and disto could be found at the end of message.


~~~~~~~~~~~~~~~~~~~~~~~
1. The following error messages in log accessing /webauth-status

[Fri Feb 02 09:40:50 2007] [error] mod_webauth: request_service_token: apr_xml_parser_{feed,done} failed: XML parser error code: syntax error (2) (20014)
[Fri Feb 02 09:40:50 2007] [error] mod_webauth: mwa_get_service_token: couldn't get new service token from webkdc
[Fri Feb 02 09:40:50 2007] [emerg] mod_webauth: mwa_get_service_token FAILD!!
~~~~~~~~~~~~~~~~~~~~~~~

2. Trying to access /login I have the following:

Webauth Error as web page output
and this entry in error log: [Fri Feb 02 10:29:37 2007] [error] [client 10.1.1.1] there was no request or service token
~~~~~~~~~~~~~~~~~~~~~~~

3. And trying to access WebAuth protected location I got these error entries:

[Fri Feb 02 10:31:48 2007] [warn] mod_webauth: mwa_read_service_token_cache: service token cache is zero length: /www/conf/webauth/service_token.cache
[Fri Feb 02 10:31:48 2007] [error] mod_webauth: request_service_token: apr_xml_parser_{feed,done} failed: XML parser error code: syntax error (2) (20014)
[Fri Feb 02 10:31:48 2007] [error] mod_webauth: mwa_get_service_token: couldn't get new service token from webkdc
[Fri Feb 02 10:31:48 2007] [emerg] mod_webauth: mwa_get_service_token FAILD!!
[Fri Feb 02 10:31:48 2007] [emerg] mod_webauth: redirect_request_token: no service token, denying request
[Fri Feb 02 10:31:48 2007] [warn] mod_webauth: failure_redirect: no URL configured
~~~~~~~~~~~~~~~~~~~~~~~

Additional Technical info:

1. webauth and webkdc are installed on same server
2. kerberos server is Windows2000
3. kerberos libraries on web server is Hemdail 0.7.2
4. the following prinicpals have been registered and keytabs copied to webserver: services/webkdc at test.domain.org, webauth/testsrv.test.domain.org at test.domain.org
4.1 keytabs have been tested successfully with kinit utility.
5. config dirs have write perms for apache process

Here also "mod_webauth status":

--------------------------------------------------------------------------------

Server Version: Apache/2.2.0 (Unix) DAV/2 PHP/4.4.1 mod_ssl/2.2.0 OpenSSL/0.9.7g mod_auth_kerb/5.3 WebKDC/3.5.3 WebAuth/3.5.3 
Server Built: Dec 20 2005 16:32:59 
Hostname/port: testsrv:443 

--------------------------------------------------------------------------------

WebAuth Info Version: 3.5.3 
WebAuth Info Build: Built by root at testsrv on 2007-01-30 21:12:38 UTC 
Current Configuration (server directives only): 
WebAuthCredCacheDir /www/conf/webauth
WebAuthDebug on
WebAuthKeyRing /www/conf/webauth/keyring
WebAuthKeyRingAutoUpdate on
WebAuthKeyRingKeyLifetime 2592000s
WebAuthKeytab /www/conf/webauth/keytab webauth/testsrv.test.domain.org
WebAuthLoginUrl https://testsrv/login/
WebAuthServiceTokenCache /www/conf/webauth/service_token.cache
WebAuthSubjectAuthType krb5
WebAuthSSLRedirect on
WebAuthTokenMaxTTL 300s
WebAuthWebKdcPrincipal service/webkdc
WebAuthWebKdcSSLCertFile /www/conf/testsrv.crt
WebAuthWebKdcSSLCertCheck on
WebAuthWebKdcURL https://testsrv/webkdc-services/

--------------------------------------------------------------------------------

Keyring read check: ok 
Keyring info: 
num_entries 1
entry 0 creation time Thu Feb 01 16:03:59 2007
entry 0 valid after Thu Feb 01 16:03:59 2007

--------------------------------------------------------------------------------

Keytab read check: ok 

--------------------------------------------------------------------------------

Service Token Cache read/write check: ok 
Service Token info: 
service_token is NULL. This usually indicates a permissions problem with the service token cache and/or keytab file 
_______________________

Thank you very much in advance for your help.

Ils.
Education Center
Russia










More information about the webauth-info mailing list