[gradebook2-dev] gb.security.enabled setting questions
Kevin Chan
kevin at media.berkeley.edu
Wed Feb 23 12:09:35 PST 2011
Hi again,
Now that I have GB2 version 1.4 up and running, I am encountering some
issues with the gb.security.enabled setting.
Firstly, some info on our setup:
* currently running 1.2.0; executed SQL update scripts for 1.2->1.3
upgrade; loading GB2 1.4.0
* 3 DEV servers - 2 hosts (sakai-dev-01/sakai-dev-02) are being load
balancer that distribute traffic going to "sakai-dev" to these 2 hosts
evenly; optionally, you can go directly to these hosts by entering their
respective hostnames; the third host (sakai-dev-03) is NOT behind load
balancing
It looks like our load balancing/Apache proxy setup is affecting this
setting as going to the main hostname (sakai-dev) and the load balanced
hostnames (-01 and -02) is causing an error.
Here is the error from the front end:
Security Exception
Request Failed
Unexpected response from server: 400
and in catalina.out:
11:47:00,863 ERROR ServletWrappingController:160 - ERROR: X-XSRF-Cookie
violation
11:47:00,864 ERROR ServletWrappingController:160 - ERROR: X-XSRF-Cookie
violation
Going to sakai-dev-03 = no problems.
Changing gb2.security.enabled=false also fixes this error.
So my two questions are:
1. What exactly does gb.security.enabled=true do?
2. Are there any settings (on the Sakai or GB2 code side) that I can
change to make this work in our setup?
Thanks,
--
Kevin Chan
Operations Team
Educational Technology Services
UC Berkeley
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/gradebook2-dev/attachments/20110223/04c48f7a/attachment.html
More information about the gradebook2-dev
mailing list