httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ace Suares <>
Subject Q: Intermittent trouble with mod_auth_ldap in 2.0 and 1.3
Date Tue, 11 Nov 2003 17:42:09 GMT
Hash: SHA1

Due to a confusing post earlier, which happened to put this message into an 
unrelated thread, I am reposting this one. I hope that clears things up. I 
changed the subject, too, prefixing 'Q:' to distinguish from the other post.

Hi All,

Wether I am using Apache 1.3 with mod_auth_ldap 1.6.0 (from Rudedog) or Apache
2.0 with the distributed auth_ldap module (which is, as I understand, based
on the rudedog module), I am experiencing the same problems.

Over at the mailinglist, we analyzed the problem with
help op Brent Putnam, who posted a patch almost 2 years ago for a certain
problem that seems related. Find the patch and a description here:

The problem that Brent describes relates to the use of AuthLdapBindDN, but I
am binding anonymously and seem to have the same problems.

The most clever description of the problem can be found in above link, but
I'll put it down in my own words:

Whenever I login as userA, which is succesfull, and then want to login to
another URL with another .htaccess file with another Realm, as userB, I am
not allowed access. In my setup, only anonymous can see (certain attributes)
from all entires in the ldap directory; userA can not see userB and vice

When I get to the page for userB, I don't even get a pop-up that asks me for
username and password. I just get a 401 error. When I refresh the page
several times, I might get a pop-up, which I fill in with the correct
authentication information, but acces is disallowed and I get a pop-up again.
I can keep doing this several times. Meanwhile, I can go back to the page for
userA with no problems.

After a certain amount of refreshes followed by a certain amount of filling in
authentication info in the pop-up, I suddenly get access. Then, the page for
userA doens't let me in anymore. Even if they are in different realms!

I can provide you with more debugging info, but at the moment I'll just wait
for reactions.

My settings in apache for mod_auth_ldap:

in httpd.conf:
AuthLDAPOpCacheSize 0
AuthLDAPCacheSize 0

in .htaccess for userA in urlA:

AuthName "Login for"
AuthType Basic
AuthLDAPRemoteUserIsDN on
require valid-user

in .htaccess for userB in urlB:

AuthName "Login for"
AuthType Basic
AuthLDAPRemoteUserIsDN on
require valid-user

Above is the config for Apache 1.3, but I am experiencing the same problems
with Apache 2.0. I also tried Opera, Mozilla and Konquerer as browsers.

I would appreciate any info on this issue.
I hope this is the right place to contact developers for mod_auth_ldap in 2.0



- -- 
website: *
Version: GnuPG v1.2.2-rc1-SuSE (GNU/Linux)


View raw message