httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Stusynski, Dan" <>
Subject LDAP UnwillingToPerform
Date Mon, 21 Jul 2008 19:51:38 GMT
When using Aphelion as an LDAP server, it will return an
UnwillingToPerform (53) when the user password crendentials have
expired/become locked.
Would there be any potential issue (or the possibility) of adding a
check to mod_authnz_ldap.c after the result =
util_ldap_cache_checkuserid() inside the LDAP_SECURITY_ERROR ifDef where
the other security LDAP codes reside that check for this scenario and
return AUTH DENIED / a 401.
I don't see anything in the RFCs that say that this is potentially
hazardous; nor though do I know how additional LDAP servers handle this
particular issue.
Dan Stusynski

View raw message