Comments (2)
the module normaly check ip with the ip stored in the session only if you set Auth_memCookie_MatchIP_Mode (to >0 value), by default they don't check the ip.
i've you setted this option ?
from apache-authmemcookie-module.
@mcarbonneaux thanks for checking out this issue.
Yes, I did set it:
Auth_memCookie_MatchIP_Mode 1
And, with LogLevel debug
(I've added the X-forwarded-for header at the end of the logFormat):
First access, no valid cookie set:
[Mon May 31 10:33:17 2021] [debug] [pid 110372] mod_auth_memcookie.c(574): [client 172.22.40.74:49780] Auth_memCookie: Auth_memCookie_public_authz_checker in 179.113.159.104
[Mon May 31 10:33:17 2021] [info] [pid 110372] mod_auth_memcookie.c(589): [client 172.22.40.74:49780] Auth_memCookie: cookie not found, continue ! 179.113.159.104
[Mon May 31 10:33:17 2021] [debug] [pid 110372] mod_auth_memcookie.c(443): [client 172.22.40.74:49780] Auth_memCookie: ap_hook_check_user_id in 179.113.159.104
[Mon May 31 10:33:17 2021] [debug] [pid 110372] mod_auth_memcookie.c(453): [client 172.22.40.74:49780] Auth_memCookie: check MatchIP_Mode:1 179.113.159.104
[Mon May 31 10:33:17 2021] [debug] [pid 110372] mod_auth_memcookie.c(488): [client 172.22.40.74:49780] Auth_memCookie: AuthType are 'Cookie' 179.113.159.104
[Mon May 31 10:33:17 2021] [info] [pid 110372] mod_auth_memcookie.c(503): [client 172.22.40.74:49780] Auth_memCookie: cookie not found! not authorized! RemoteIP:179.113.159.104 179.113.159.104
After authentication, with valid cookie and valid key on memcached:
[Mon May 31 10:36:05 2021] [debug] [pid 113055] mod_auth_memcookie.c(574): [client 172.22.40.74:59232] Auth_memCookie: Auth_memCookie_public_authz_checker in 179.113.159.104
[Mon May 31 10:36:05 2021] [debug] [pid 113055] mod_auth_memcookie.c(592): [client 172.22.40.74:59232] Auth_memCookie: got cookie; value is 1a280ca04d064ea901527a6ad1149f21 179.113.159.104
[Mon May 31 10:36:05 2021] [debug] [pid 113055] mod_auth_memcookie.c(207): [client 172.22.40.74:59232] Auth_memCookie: libmemcached configuration are --SERVER=xxxxx:11211 179.113.159.104
[Mon May 31 10:36:05 2021] [debug] [pid 113055] mod_auth_memcookie.c(262): [client 172.22.40.74:59232] Auth_memCookie: session information 'UserName'='captcha_1a280ca04d064ea901527a6ad1149f21' 179.113.159.104
[Mon May 31 10:36:05 2021] [debug] [pid 113055] mod_auth_memcookie.c(262): [client 172.22.40.74:59232] Auth_memCookie: session information 'RemoteIP'='179.113.159.104' 179.113.159.104
[Mon May 31 10:36:05 2021] [debug] [pid 113055] mod_auth_memcookie.c(262): [client 172.22.40.74:59232] Auth_memCookie: session information 'Expiration'='600' 179.113.159.104
[Mon May 31 10:36:05 2021] [debug] [pid 113055] mod_auth_memcookie.c(284): [client 172.22.40.74:59232] Auth_memCookie: Value for Session (key:1a280ca04d064ea901527a6ad1149f21) found => Username=captcha_1a280ca04d064ea901527a6ad1149f21 Groups=(null) RemoteIp=179.113.159.104 179.113.159.104
After change my ipaddress:
[Mon May 31 10:37:35 2021] [debug] [pid 113055] mod_auth_memcookie.c(574): [client 172.22.40.74:58910] Auth_memCookie: Auth_memCookie_public_authz_checker in 177.51.67.64
[Mon May 31 10:37:35 2021] [debug] [pid 113055] mod_auth_memcookie.c(592): [client 172.22.40.74:58910] Auth_memCookie: got cookie; value is 1a280ca04d064ea901527a6ad1149f21 177.51.67.64
[Mon May 31 10:37:35 2021] [debug] [pid 113055] mod_auth_memcookie.c(207): [client 172.22.40.74:58910] Auth_memCookie: libmemcached configuration are --SERVER=xxxx.trt15.jus.br:11211 177.51.67.64
[Mon May 31 10:37:35 2021] [debug] [pid 113055] mod_auth_memcookie.c(262): [client 172.22.40.74:58910] Auth_memCookie: session information 'UserName'='captcha_1a280ca04d064ea901527a6ad1149f21' 177.51.67.64
[Mon May 31 10:37:35 2021] [debug] [pid 113055] mod_auth_memcookie.c(262): [client 172.22.40.74:58910] Auth_memCookie: session information 'RemoteIP'='179.113.159.104' 177.51.67.64
[Mon May 31 10:37:35 2021] [debug] [pid 113055] mod_auth_memcookie.c(262): [client 172.22.40.74:58910] Auth_memCookie: session information 'Expiration'='600' 177.51.67.64
[Mon May 31 10:37:35 2021] [debug] [pid 113055] mod_auth_memcookie.c(284): [client 172.22.40.74:58910] Auth_memCookie: Value for Session (key:1a280ca04d064ea901527a6ad1149f21) found => Username=captcha_1a280ca04d064ea901527a6ad1149f21 Groups=(null) RemoteIp=179.113.159.104 177.51.67.64
Apparently, mod_auth_memcookie never made this check: https://github.com/ZenProjects/Apache-Authmemcookie-Module/blob/master/mod_auth_memcookie.c#L537
from apache-authmemcookie-module.
Related Issues (16)
- Incorrect group verification
- Can't configure HOT 7
- Unable to install on Ubuntu 14.04 & Apache 2.4 HOT 11
- Issue with simplesamlsphp session storage HOT 1
- Session data, improve documentation HOT 5
- Allow setting server variables separately from HTTP headers
- ErrorDocument 401 doesn't redirect specified url HOT 2
- Issues finding libmemache library on RHEL 7 preventing install HOT 1
- Replaying POST Requests HOT 1
- require user authenticates successfully if the current user is unequal ANY of the required users
- group authentication not working HOT 2
- FreeBSD compilation warnings
- Apache 2.4 partial support ? HOT 3
- Thread safe ? HOT 3
- REMOTE_USER not available to mod_rewrite HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from apache-authmemcookie-module.