httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject [Bug 55523] New: auth_groupfile error log on access even though successful
Date Wed, 04 Sep 2013 16:04:06 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=55523

            Bug ID: 55523
           Summary: auth_groupfile error log on access even though
                    successful
           Product: Apache httpd-2
           Version: 2.4.6
          Hardware: PC
            Status: NEW
          Severity: trivial
          Priority: P2
         Component: mod_authz_groupfile
          Assignee: bugs@httpd.apache.org
          Reporter: bgleason@mwgl.org

When I have Nested Require values in an htaccess, it present what I would
consider unconventional logging in the error log.

.htgroups file
administrators: admin
users: user1 user2 user3

For ex.
<RequireAll>
  <RequireAny>
    Require group users
    Require group administrators
  </RequireAny>
  <RequireAny>
    Require host Machine1.domain.net
    Require host Machine2.domain.net
    Require host Machine3.domain.net
    Require host Machine4.domain.net
    Require host Machine5.domain.net
    Require host Machine6.domain.net
  </RequireAny>
</RequireAll>

if I attempt to log into the virtualhost site from a valid system based on the
"require host" even though I am able to access the site, it presents this in
the error log.

[Wed Sep 04 10:39:33.159477 2013] [authz_groupfile:error] [pid 1740:tid 928]
[client 172.20.103.47:60413] AH01667: Authorization of user admin to access /
failed, reason: user is not part of the 'require'ed group(s).
[Wed Sep 04 10:39:33.315732 2013] [authz_groupfile:error] [pid 1740:tid 928]
[client 172.20.103.47:60413] AH01667: Authorization of user admin to access
/index.php/Main_Page failed, reason: user is not part of the 'require'ed
group(s).
[Wed Sep 04 10:39:33.315732 2013] [authz_groupfile:error] [pid 1740:tid 928]
[client 172.20.103.47:60413] AH01667: Authorization of user admin to access
/Main_Page failed, reason: user is not part of the 'require'ed group(s).
[Wed Sep 04 10:39:33.596991 2013] [authz_groupfile:error] [pid 1740:tid 928]
[client 172.20.103.47:60413] AH01667: Authorization of user admin to access
/load.php failed, reason: user is not part of the 'require'ed group(s).,
referer: http://Wikisite/index.php/Main_Page
[Wed Sep 04 10:39:33.753246 2013] [authz_groupfile:error] [pid 1740:tid 932]
[client 172.20.103.47:60414] AH01667: Authorization of user admin to access
/load.php failed, reason: user is not part of the 'require'ed group(s).,
referer: http://Wikisite/index.php/Main_Page
[Wed Sep 04 10:39:34.393892 2013] [authz_groupfile:error] [pid 1740:tid 932]
[client 172.20.103.47:60414] AH01667: Authorization of user admin to access
/favicon.ico failed, reason: user is not part of the 'require'ed group(s).

Some would say, yeah duh, he is not a member of the "users" group so it is
erroring based on that, but he is a member of the administrators group making
it successful, but what I am considering the error/bug is that it is showing
that as an error even though the authentication end result was SUCCESS.

Not sure if that would need to be flipped to debugging functionality where
authz_user, authz_host, authz_groupfile, etc. only log errors when the end
result is a failure and if the end result is success, log individual require
failures only when error logging is in debug mode...

Hope my quandary makes since.

Thanks...

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message