[LON-CAPA-admin] Userless Role Selection

Bynum, Lee Hamilton leebynum at illinois.edu
Thu Apr 16 18:26:12 EDT 2015


Hi Stuart,

> What was the Apache response code, i.e., what comes after 'HTTP/1.1" '
> in the line you copied from your server's Apache access log file?

Response code 302

The full line of that example is:

172.17.193.190 - - [14/Apr/2015:19:35:24 -0500] "GET /adm/roles HTTP/1.1" 302 4655 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/600.2.5 (KHTML, like Gecko) Version/8.0.2 Safari/600.2.5"

The "-" seems to be an outlier as it is the first instance.  Most are of the following forms:

172.17.193.190 - - [14/Apr/2015:19:37:23 -0500] "GET /adm/roles HTTP/1.1" 302 804 "https://access2.lon-capa.uiuc.edu/adm/sso" "Mozilla/5.0 (iPhone; CPU iPhone OS 8_1 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12B410 Safari/600.1.4"
172.17.193.190 - - [14/Apr/2015:19:37:23 -0500] "GET /adm/roles HTTP/1.1" 302 772 "https://access2.lon-capa.uiuc.edu/adm/sso" "Mozilla/5.0 (iPhone; CPU iPhone OS 8_1 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12B410 Safari/600.1.4"
172.17.193.190 - - [14/Apr/2015:19:37:23 -0500] "GET /adm/roles HTTP/1.1" 302 981 "https://access2.lon-capa.uiuc.edu/adm/sso" "Mozilla/5.0 (iPhone; CPU iPhone OS 8_1 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12B410 Safari/600.1.4"

Lee

> -----Original Message-----
> From: lon-capa-admin-bounces at mail.lon-capa.org [mailto:lon-capa-admin-
> bounces at mail.lon-capa.org] On Behalf Of Stuart Raeburn
> Sent: Thursday, April 16, 2015 4:57 PM
> To: lon-capa-admin at mail.lon-capa.org
> Subject: Re: [LON-CAPA-admin] Userless Role Selection
> 
> Hi Lee,
> 
> > 172.17.193.190 - - [14/Apr/2015:19:35:24 -0500] "GET /adm/roles HTTP/1.1"
> 
> What was the Apache response code, i.e., what comes after 'HTTP/1.1" '
> in the line you copied from your server's Apache access log file?
> 
> Stuart Raeburn
> LON-CAPA Academic Consortium
> 
> 
> Quoting "Bynum, Lee Hamilton" <leebynum at illinois.edu>:
> 
> > Good Morning,
> >
> > Have people encountered userless role selection before?  That is,
> > get requests on /adm/roles without a user name associated with it.
> > It was my impression that /adm/roles/ was only accessed by users
> > that are already logged in.
> >
> > 172.17.193.190 - - [14/Apr/2015:19:35:24 -0500] "GET /adm/roles HTTP/1.1"
> >
> > This message was generated without any related activity from the
> > associated ip address.  It was generated a lot of times in a couple
> > of minutes, so it could also be a part of our ghost request bug, but
> >  I would love to eliminate the possibility of it being normal
> > behavior first.
> >
> > Thanks,
> >
> > Lee
> 
> _______________________________________________
> LON-CAPA-admin mailing list
> LON-CAPA-admin at mail.lon-capa.org
> http://mail.lon-capa.org/mailman/listinfo/lon-capa-admin


More information about the LON-CAPA-admin mailing list