httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Molly Mears <mmea...@washcoll.edu>
Subject [users@httpd] Ldap authorization - solved thank you
Date Tue, 23 Mar 2004 16:07:07 GMT
Thanks. This inadvertently fixed my problem. I added an ErrorDocument and 
got a new error...it was trying to verify the user using the error 
document, I guess because I have AuthLDAPAuthoritative Off. I added an 
empty password file to check and now it reprompts for the user. Thanks for 
the help!

--On Tuesday, March 23, 2004 4:21 PM +0100 Boyle Owen <Owen.Boyle@swx.com> 
wrote:

>> -----Original Message-----
>> From: Molly Mears [mailto:mmears2@washcoll.edu]
>>
>> I have added Ldap authorization to my .htaccess files. It is
>> working fine,
>> with one annoying glitch. If a user enters their uid
>> incorrectly, they get
>> an Internal Server Error and the error log shows "Search must return
>> exactly 1 entry; found 0 entries for search
>> (&(objectclass=*)(uid=mmears)):
>> URI /mears".
>
> The correct response for a failed login attempt is "401 Authorization
> Required". Since the browser doesn't get this (it gets 500 Internal
> Server Error), it thinks that the credentials are OK and so caches them
> for re-use later.
>
>> If you enter the correct
>> username but the
>> wrong password, it reprompts correctly.
>
> This case must return a correct 401 error which signals to the browser
> to re-prompt.
>
>> Anyone have an idea how to fix this? thank you.
>
> You have to trap the server error and replace it with a 401. I don't
> know anything about LDAP so couldn't advise further...
>
> Rgds,
> Owen Boyle
> Disclaimer: Any disclaimer attached to this message may be ignored.
>
>>
>> Molly Mears
>> Washington College
>> Chestertown, Md. 21620
>> mmears2@washcoll.edu
>>
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP
>> Server Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>>
> Diese E-mail ist eine private und persönliche Kommunikation. Sie hat
> keinen Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This
> e-mail is of a private and personal nature. It is not related to the
> exchange or business activities of the SWX Group. Le présent e-mail est
> un message privé et personnel, sans rapport avec l'activité boursière du
> Groupe SWX.
>
> This message is for the named person's use only. It may contain
> confidential, proprietary or legally privileged information. No
> confidentiality or privilege is waived or lost by any mistransmission.
> If you receive this message in error, please notify the sender urgently
> and then immediately delete the message and any copies of it from your
> system. Please also immediately destroy any hardcopies of the message.
> You must not, directly or indirectly, use, disclose, distribute, print,
> or copy any part of this message if you are not the intended recipient.
> The sender's company reserves the right to monitor all e-mail
> communications through their networks. Any views expressed in this
> message are those of the individual sender, except where the message
> states otherwise and the sender is authorised to state them to be the
> views of the sender's company.
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message