ant-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject [Bug 59347] New: Authentication fails with 500 Server Error
Date Mon, 18 Apr 2016 11:45:15 GMT
https://bz.apache.org/bugzilla/show_bug.cgi?id=59347

            Bug ID: 59347
           Summary: Authentication fails with 500 Server Error
           Product: Ant
           Version: unspecified
          Hardware: Other
                OS: other
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Other
          Assignee: notifications@ant.apache.org
          Reporter: tysonrudgey@outlook.com
                CC: dstusynski@ptc.com, jfenlason@ptc.com
        Depends on: 41435

+++ This bug was initially created as a clone of Bug #41435 +++

I'm running into a problem with mod_ldap on Windows.  When I try to
authenticate
without passing in a username, I get a 500 server error.  Since the browser
doesn't get back a 401, it caches the user's credentials and I have to restart
the browser session in order to attempt to login again.
This is only happening on Windows, so I'm sure it's a difference (bug?) in the
Microsoft LDAP SDK.  Below is a proposed fix on top of Apache 2.2.4.  I added
the #if APR_HAS_MICROSOFT_LDAPSDK block.

modules/ldap/util_ldap.c (line 933):
    /* try do the search */
    if ((result = ldap_search_ext_s(ldc->ldap,
                                    (char *)basedn, scope,
                                    (char *)filter, attrs, 0,
                                    NULL, NULL, NULL, -1, &res))
            == LDAP_SERVER_DOWN)
    {
        ldc->reason = "ldap_search_ext_s() for user failed with server down";
        uldap_connection_unbind(ldc);
        goto start_over;
    }

#if APR_HAS_MICROSOFT_LDAPSDK
    if ( result == LDAP_FILTER_ERROR )
    { // no username was supplied, so fail with invalid credentials
        /* failure? if so - return */
        ldc->reason = "ldap_search_ext_s() to search for user failed";
        ldap_msgfree(res);
        uldap_connection_unbind(ldc);
        return LDAP_INVALID_CREDENTIALS;
    }
#endif

    /* if there is an error (including LDAP_NO_SUCH_OBJECT) return now */
    if (result != LDAP_SUCCESS) {
        ldc->reason = "ldap_search_ext_s() for user failed";
        return result;
    }



It would be great if this patch or something with similar affect could be
included in the next Apache 2.2 release.  Thanks.
,
Josh.

-- 
You are receiving this mail because:
You are the assignee for the bug.

Mime
View raw message