httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mikhail T." <>
Subject Is AuthnProviderAlias subtly broken in 2.4?
Date Thu, 22 Aug 2013 01:19:40 GMT

We had the auth setup under 2.2, that used two AuthnProviderAlias-blocks -- one 
for LDAP and one for a handful of local user-accounts not known to the Active 

    <AuthnProviderAlias ldap CorpAD>
       AuthLDAPBindDN "cn=foo,ou=bar,ou=Enterprise
       AuthLDAPBindPassword "secret"
       AuthLDAPRemoteUserAttribute sAMAccountName

    <AuthnProviderAlias file AdminFile>
       AuthUserFile '/data/servers/apache-scm/conf/admin.passwd'

The actual usage of the above was thus:

    AuthType Basic
    AuthName "Who are you?"
    AuthBasicProvider AdminFile CorpAD
    Require valid-user

The config is currently working on our production server, but I'm trying to 
upgrade the dev-server to 2.4.6. Unfortunately, the 2.4.6 kept rejecting me -- 
without even trying to perform an LDAP query (LogLevel is set to trace3):

    .... AH01618: user mikhail not found: /foo/...
    .... auth phase 'check user' gave status 401: /foo/....
    .... Response sent with status 401

Bewildered I decided to forgo the provider-aliasing, and simply copied both the 
LDAP and the file settings into the location. Suddenly things started to work 
properly -- the messages from authnz_ldap appear in the log, the lookups 
succeed, and I'm able to login...

It looks like am not alone -- someone else has already asked about this on 

but got no replies...Please, advise. Yours,


View raw message