The architecture of Sentinel has been changed drastically. We have created new clients for Cold Fusion, PHP and .Net that use a pure web service for all communication. We are currently revising the Java, Classic ASP and Apache Mod-Sentinel Clients to support this new architecture along with several other new features (including single sign on). We're working with Eric to see if we can resolve this. We expect it's a problem with the usage of sessions in this particular installation of Sentinel. -tim ________________________________ Timothy D. First, MCSE Information Technologist III Michigan State University Administrative Information Services [log in to unmask] (517) 353-4420 x335 Fax: (517) 355-5176 -----Original Message----- From: Christopher C. Perry [mailto:[log in to unmask]] Sent: Friday, April 14, 2006 12:40 PM To: [log in to unmask] Subject: Re: [MSUNAG] Sentinel under non-MS systems We are running Sentinel under Apache/Tomcat on Debian. Most of our problems were related to getting the correct keys in the correct locations, but it has been working relatively well for several years now. We role our own apache and tomcat though, instead of using the distribution installs because Debian, though not as bad as red hat, likes to modify the configuration (distributing install throughout the OS instead of keeping it separate which we prefer). If you have the time and inclination I might suggest downloading Apache/PHP and building your own to see if you can get that to work, and then try diffing the configurations with the red hat install to see if you can isolate any offending configurations etc. At least then you can determine if it is a Red Hat specific issue. Are you getting errors in your logs? If I understand Sentinel correctly, what happens (at least from a tomcat point of view) is that upon redirect to your server after user authentication, the token is passed to your server which would then make an rpc call to the sentinel service to retrieve the credentials using the provided token. If you have a firewall setup, it could be blocking the rpc calls, though i would expect that to appear in an error log somewhere. I would suppose that it is also possible that the Sentinel client is being sandboxed, or prohibited from establishing an outbound connection to the Sentinel service. I haven't used PHP for this however, so I don't know how it may differ. Chris. ---------------------------------- Christopher C. Perry GIS Coordinator Campus Planning and Administration 412 Olds Hall Phone: (517) 355-9582 Ext. 112 Fax: (517) 432-1090 Email: [log in to unmask]