Summary: | Existing User, wrong password generates internal error | ||
---|---|---|---|
Product: | Apache httpd-2 | Reporter: | Mika Borner <mika.borner> |
Component: | mod_authz_ldap | Assignee: | Apache HTTPD Bugs Mailing List <bugs> |
Status: | RESOLVED WONTFIX | ||
Severity: | normal | CC: | jpetrakis |
Priority: | P2 | ||
Version: | 2.2.9 | ||
Target Milestone: | --- | ||
Hardware: | Sun | ||
OS: | Solaris |
Description
Mika Borner
2006-02-27 08:31:20 UTC
Also happens on httpd built on Win32 authenticating against openldap using patch from bug 37814

I don't have a Solaris box to test with, but given the description of the problem, everything works as expected on Suse Linux 10 against a Novell NDS ldap server. Can you provide more information such as your auth_ldap configuration and any error messages in the error_log with LogLevel set to DEBUG.

(In reply to comment #2)
> I don't have a Solaris box to test with, but given the description of the
> problem, everything works as expected on Suse Linux 10 against a Novell NDS
> ldap server. Can you provide more information such as your auth_ldap
> configuration and any error messages in the error_log with LogLevel set to
> DEBUG.

Here it comes. Debug does not show anything interesting:

```
[Wed Mar 15 12:55:32 2006] [info] Initial (No.1) HTTPS request received for child 5 (server host.domain:443)
[Wed Mar 15 12:55:32 2006] [debug] mod_authnz_ldap.c(373): [client 169.xx.xx.x] [20006] auth_ldap authenticate: using URL ldap://nds-ldap1.domain:389/ o=Organisation?uid, referer: https://host.domain/menu.html
[Wed Mar 15 12:55:35 2006] [warn] [client 169.xx.xx.xx] [20006] auth_ldap authenticate: user username authentication failed; URI /PATH/ [ldap_simple_bind_s() to check user credentials failed][Invalid credentials], referer: https://host.domain/menu.html
[Wed Mar 15 12:55:35 2006] [info] [client 169.xx.xx.xx] Connection closed to child 5 with unclean shutdown (server host.domain:443)
```

Directive:

```
<Location /PATH>
    AuthType Basic
    AuthName "host.domain"
    AuthBasicProvider ldap
    AuthLDAPURL ldap://nds-ldap1.domain:389/o=Organisation?uid
    require ldap-attribute ou=4314
    Options Indexes
    IndexOptions FancyIndexing
    IndexStyleSheet "/css/font.css"
    Order allow,deny
    Allow from all
</Location>
```

I tried to match your configuration as close as possible, but I am still not seeing a problem. Everything seems to work as expected.

I am experiencing the same problem. System is Fedora Core 4; Apache HTTP Server 2.0.54; Against OpenLDAP 2.2.29

mod_authz_ldap Directive is as follows:

```
<Directory /some/path/ >
    Options None
    AuthType Basic
    AuthName "Authentication"
    AuthzLDAPMethod ldap
    AuthzLDAPServer ldap.example.com
    AuthzLDAPUserBase ou=People,dc=example,dc=com
    AuthzLDAPUserKey uid
    AuthzLDAPUserScope subtree
    AuthzLDAPAuthoritative off
    require valid-user
</Directory>
```

This seems to work now, as I am using httpd Version 2.2.2 with the Novell CLDAP SDK linked to it.

The OP says it works for him in the latest comment, and it's ancient. If there's a bug now, it needs clarifying in the light of comment 6.

On Debian with LDAPS problem exists, 2.2.9-10+lenny6.