We are running Sentinel under Apache/Tomcat on Debian. Most of our problems were related to getting the correct keys in the correct locations, but it has been working relatively well for several years now. We role our own apache and tomcat though, instead of using the distribution installs because Debian, though not as bad as red hat, likes to modify the configuration (distributing install throughout the OS instead of keeping it separate which we prefer). If you have the time and inclination I might suggest downloading Apache/PHP and building your own to see if you can get that to work, and then try diffing the configurations with the red hat install to see if you can isolate any offending configurations etc. At least then you can determine if it is a Red Hat specific issue. Are you getting errors in your logs? If I understand Sentinel correctly, what happens (at least from a tomcat point of view) is that upon redirect to your server after user authentication, the token is passed to your server which would then make an rpc call to the sentinel service to retrieve the credentials using the provided token. If you have a firewall setup, it could be blocking the rpc calls, though i would expect that to appear in an error log somewhere. I would suppose that it is also possible that the Sentinel client is being sandboxed, or prohibited from establishing an outbound connection to the Sentinel service. I haven't used PHP for this however, so I don't know how it may differ. Chris. ---------------------------------- Christopher C. Perry GIS Coordinator Campus Planning and Administration 412 Olds Hall Phone: (517) 355-9582 Ext. 112 Fax: (517) 432-1090 Email: [log in to unmask]