httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eric Covener <>
Subject 2.4 authz logging oddity
Date Tue, 20 Aug 2013 14:40:26 GMT
authz_groupfile and authz_user both emit ERROR level messages when
they have require directives, but don't accept the  current user.

But they cannot know if authz_core will call other authz providers to
allow access

e.g. groupfile:

    t = require_args;
    while ((w = ap_getword_conf(r->pool, &t)) && w[0]) {
        if (apr_table_get(grpstatus, w)) {
            return AUTHZ_GRANTED;

    ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01667)
                    "Authorization of user %s to access %s failed, reason: "
                    "user is not part of the 'require'ed group(s).",
                    r->user, r->uri);

Should these (and any others matching the pattern) be dropped to debug?

Eric Covener

View raw message