Summary: | Enhance log message about dbdgroup_check_authorization | ||
---|---|---|---|
Product: | Apache httpd-2 | Reporter: | Bingyu Shen <byshen> |
Component: | mod_authz_dbd | Assignee: | Apache HTTPD Bugs Mailing List <bugs> |
Status: | NEW --- | ||
Severity: | normal | Keywords: | PatchAvailable |
Priority: | P2 | ||
Version: | 2.5-HEAD | ||
Target Milestone: | --- | ||
Hardware: | PC | ||
OS: | Mac OS X 10.1 | ||
Attachments: | Enhance log message for dbdgroup_check_authorization function |
Created attachment 37436 [details] Enhance log message for dbdgroup_check_authorization function Currently, dbdgroup_check_authorization() function will simply return AUTHZ_DENIED for the group check authorization failures. In default log level, the log message will only show general errors "client denied by server configuration: xxxx". It would be great to explicitly let the user know the group check fails in the log message, just like what we did in authz_dbd_login() when login/logout fails. It will not add much overhead since the authz failure happens rarely but will take long time to troubleshoot. I added log as follows (also filed a patch in the attachment.) + ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO() + "authz_dbd authorize: Authorization of user %s to access %s failed, reason: " + "user is not part of the 'require'ed dbd-group(s).", + r->user, r->uri); return AUTHZ_DENIED; Any feedbacks are appreciated!