Bug 42732 - Authentication against database issue.
Summary: Authentication against database issue.
Status: REOPENED
Alias: None
Product: Apache httpd-2
Classification: Unclassified
Component: All (show other bugs)
Version: 2.2.4
Hardware: HP HP-UX
: P2 major (vote)
Target Milestone: ---
Assignee: Apache HTTPD Bugs Mailing List
URL: intranet
Keywords:
Depends on:
Blocks:
 
Reported: 2007-06-25 05:43 UTC by destroyedlolo
Modified: 2007-09-18 06:37 UTC (History)
0 users


Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description destroyedlolo 2007-06-25 05:43:49 UTC 
Hello,

I running on an HP-UX 11.11 712 box, and I have compiled apache 2.2.4 with GCC.
I have took mod_dbd.c from truck due to several bugs in the version provided w/
2.2.4.

I'm authenticating my users against a PostgreSQL database w/ following directives :

AuthType Basic
AuthName "mariage"
AuthBasicProvider dbd
Require valid-user
AuthDBDUserPWQuery "select passwd from test.comptes where id = %s"

Unfortunately, I have to enter 4 or 5 time my username password before being
accepted by apache. In error.log, I got many 
[Mon Jun 25 12:08:28 2007] [error] [client 164.129.228.100] user myuser :
 authentication failure for "/~laurent/": Password Mismatch

It's not a problem of password as I typed exactly the same one (copy/past), and
every time I'm restarting apache, the password is asked another 4 or 5 time
before being accepted.

I can spend some time for debugging if needed, but I duno where to start.

Best regards,

Laurent
Comment 1 Tony Stevenson 2007-06-25 06:21:50 UTC 
Laurent, 

This is not the place to obtain support for your issues.  Rather go to
"http://httpd.apache.org/docs/2.2/faq/" and use opne of those methods to get
some help.  This forum is for the reporting of bugs in the product.  If indeed
there is a bug found, please come back here an re-open this issue.

Thanks,
Tony
Comment 2 destroyedlolo 2007-07-05 04:58:31 UTC 
It's not a misconfiguration but really a bug : I did several tests and generated
some log on the database.

when the password is rejected, Apache did initiated the connection but the query
didn't run.

DEBUG:  bind <unnamed> to authn_dbd_1
DEBUG:  StartTransactionCommand
DEBUG:  StartTransaction
DEBUG:  name: unnamed; blockState:       DEFAULT; state: INPROGR, xid/subid/cid:
3116/1/0, nestlvl: 1, children: <>
LOG:  execute authn_dbd_1: PREPARE authn_dbd_1 (varchar) AS select passwd from
test.comptes where id = $1
DETAIL:  parameters: $1 = 'Test'
DEBUG:  CommitTransactionCommand
DEBUG:  CommitTransaction
DEBUG:  name: unnamed; blockState:       STARTED; state: INPROGR, xid/subid/cid:
3116/1/1, nestlvl: 1, children: <>

When the password is accepted, Apache initiate the connection and then a query
is issued on the database.

DEBUG:  bind <unnamed> to authn_dbd_1
DEBUG:  StartTransactionCommand
DEBUG:  StartTransaction
DEBUG:  name: unnamed; blockState:       DEFAULT; state: INPROGR, xid/subid/cid:
3120/1/0, nestlvl: 1, children: <>
LOG:  execute authn_dbd_1: PREPARE authn_dbd_1 (varchar) AS select passwd from
test.comptes where id = $1
DETAIL:  parameters: $1 = 'Test'
DEBUG:  CommitTransactionCommand
DEBUG:  CommitTransaction
DEBUG:  name: unnamed; blockState:       STARTED; state: INPROGR, xid/subid/cid:
3120/1/1, nestlvl: 1, children: <>
DEBUG:  bind <unnamed> to authn_dbd_1
DEBUG:  StartTransactionCommand
DEBUG:  StartTransaction
DEBUG:  name: unnamed; blockState:       DEFAULT; state: INPROGR, xid/subid/cid:
3121/1/0, nestlvl: 1, children: <>
LOG:  execute authn_dbd_1: PREPARE authn_dbd_1 (varchar) AS select passwd from
test.comptes where id = $1
DETAIL:  parameters: $1 = 'Test'
DEBUG:  CommitTransactionCommand
DEBUG:  CommitTransaction
DEBUG:  name: unnamed; blockState:       STARTED; state: INPROGR, xid/subid/cid:
3121/1/1, nestlvl: 1, children: <>
DEBUG:  bind <unnamed> to authn_dbd_1
DEBUG:  StartTransactionCommand
DEBUG:  StartTransaction
DEBUG:  name: unnamed; blockState:       DEFAULT; state: INPROGR, xid/subid/cid:
3122/1/0, nestlvl: 1, children: <>
LOG:  execute authn_dbd_1: PREPARE authn_dbd_1 (varchar) AS select passwd from
test.comptes where id = $1
DETAIL:  parameters: $1 = 'Test'
DEBUG:  CommitTransactionCommand
DEBUG:  CommitTransaction
DEBUG:  name: unnamed; blockState:       STARTED; state: INPROGR, xid/subid/cid:
3122/1/1, nestlvl: 1, children: <>
DEBUG:  bind <unnamed> to authn_dbd_1
DEBUG:  StartTransactionCommand
DEBUG:  StartTransaction
DEBUG:  name: unnamed; blockState:       DEFAULT; state: INPROGR, xid/subid/cid:
3123/1/0, nestlvl: 1, children: <>
LOG:  execute authn_dbd_1: PREPARE authn_dbd_1 (varchar) AS select passwd from
test.comptes where id = $1
DETAIL:  parameters: $1 = 'Test'
DEBUG:  CommitTransactionCommand
DEBUG:  CommitTransaction
DEBUG:  name: unnamed; blockState:       STARTED; state: INPROGR, xid/subid/cid:
3123/1/1, nestlvl: 1, children: <>
DEBUG:  bind <unnamed> to authn_dbd_1
DEBUG:  StartTransactionCommand
DEBUG:  StartTransaction
DEBUG:  name: unnamed; blockState:       DEFAULT; state: INPROGR, xid/subid/cid:
3124/1/0, nestlvl: 1, children: <>
LOG:  execute authn_dbd_1: PREPARE authn_dbd_1 (varchar) AS select passwd from
test.comptes where id = $1
DETAIL:  parameters: $1 = 'Test'
DEBUG:  CommitTransactionCommand
DEBUG:  CommitTransaction
DEBUG:  name: unnamed; blockState:       STARTED; state: INPROGR, xid/subid/cid:
3124/1/1, nestlvl: 1, children: <>
LOG:  connection received: host=[local]
DEBUG:  forked new backend, pid=18697 socket=7
LOG:  connection authorized: user=www database=www
DEBUG:  postgres child[18697]: starting with (
DEBUG:  	postgres
DEBUG:  	-v196608
DEBUG:  	-y
DEBUG:  	www
DEBUG:  )
DEBUG:  InitPostgres
DEBUG:  StartTransaction
DEBUG:  name: unnamed; blockState:       DEFAULT; state: INPROGR, xid/subid/cid:
3125/1/0, nestlvl: 1, children: <>
DEBUG:  CommitTransaction
DEBUG:  name: unnamed; blockState:       STARTED; state: INPROGR, xid/subid/cid:
3125/1/0, nestlvl: 1, children: <>
DEBUG:  StartTransactionCommand
DEBUG:  StartTransaction
DEBUG:  name: unnamed; blockState:       DEFAULT; state: INPROGR, xid/subid/cid:
3126/1/0, nestlvl: 1, children: <>
LOG:  statement: SELECT *, TO_CHAR(expiration, 'YYYYMMDD') AS expiration FROM
hebergement.site WHERE id='Test';
DEBUG:  parse tree:
DETAIL:  {QUERY :commandType 1 :querySource 0 :canSetTag true :utilityStmt <>
	:resultRelation 0 :into <> :intoOptions <> :intoOnCommit 0 :intoTableSpaceName ...

According to PostgreSQL log, it seems the connection hasn't a "working" status
(expired ?), and this time, apache is doing several attempts, all failing and
finally create a new connection and do the query, successfully this time.

Best regards,

Laurent
Comment 3 Phil Endecott 2007-08-27 04:25:16 UTC 
Hi Laurent,

I fixed my 2.2.4 dbd authn problems by using the mod_dbd.c from trunk.  See this
message:

http://article.gmane.org/gmane.comp.apache.devel/31168

Regards, Phil.
Comment 4 destroyedlolo 2007-09-18 06:37:30 UTC 
Sorry for my silence (I was in paternity leave ;-D).

I compiled this patch but I'm not able anymore to restart 2.2.4 (nothing related
to this patch, httpd crash at startup on my system depending on my configuration
setting).

Anyway, I've installed 2.2.6 and the problem is still here. Can I test this
patch w/ 2.2.6 ?

Bye

Laurent