| Summary: | Error 'user doesn't appear in group file' | ||
|---|---|---|---|
| Product: | Apache httpd-2 | Reporter: | tm8544 |
| Component: | mod_authz_groupfile | Assignee: | Apache HTTPD Bugs Mailing List <bugs> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | Keywords: | FixedInTrunk |
| Priority: | P2 | ||
| Version: | 2.4.41 | ||
| Target Milestone: | --- | ||
| Hardware: | PC | ||
| OS: | All | ||
|
Description
tm8544
2020-02-23 13:08:54 UTC
(In reply to tm8544 from comment #0) > Consider the following Auth container: > > <RequireAny> > Require group MY_USERS > Require user User_X > </RequireAny> > > User_X is not included in group file MY_USERS. > When I access the site as User_X, access is granted but there is an error in > Apache log. > > module authz_groupfile logs the following error: > authz_groupfile:error pid 3448:tid 4880 client XXX.XXX.XXX.XXX:53607 > AH01666: Authorization of user User_X to access /index.php failed, reason: > user doesn't appear in group file (XXXXXXXXX_MY_GROUP). > > But considering the container there is no error, so why log it as an error? > Would a notice do? notice is quite high too. There were a handful of these kinds of things that cropped up in early 2.4 that were suppressed. Dropped to INFO in trunk and proposed for 2.4.x http://svn.apache.org/r1874424 For posterity, maybe you can add the user w/ no groups to the groupfile to suppress the message. I did that as a temporaty solution. |