httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Stusynski, Dan" <dstusyn...@ptc.com>
Subject LDAP UnwillingToPerform
Date Mon, 21 Jul 2008 19:51:38 GMT
Devs,
 
When using Aphelion as an LDAP server, it will return an
UnwillingToPerform (53) when the user password crendentials have
expired/become locked.
 
Would there be any potential issue (or the possibility) of adding a
check to mod_authnz_ldap.c after the result =
util_ldap_cache_checkuserid() inside the LDAP_SECURITY_ERROR ifDef where
the other security LDAP codes reside that check for this scenario and
return AUTH DENIED / a 401.
 
I don't see anything in the RFCs that say that this is potentially
hazardous; nor though do I know how additional LDAP servers handle this
particular issue.
 
Dan Stusynski

Mime
View raw message