httpd-users mailing list archives

From "Boyle Owen" <Owen.Bo...@swx.com>
Subject RE: [users@httpd] Ldap authorization - Internal Server Error
Date Tue, 23 Mar 2004 15:21:49 GMT
> -----Original Message-----
> From: Molly Mears [mailto:mmears2@washcoll.edu]
> 
> I have added Ldap authorization to my .htaccess files. It is working fine,
> with one annoying glitch. If a user enters their uid incorrectly, they get
> an Internal Server Error and the error log shows "Search must return
> exactly 1 entry; found 0 entries for search (&(objectclass=*)(uid=mmears)):
> URI /mears".

The correct response for a failed login attempt is "401 Authorization
Required". Since the browser doesn't get this (it gets 500 Internal
Server Error), it thinks that the credentials are OK and so caches them
for re-use later. 

> If you enter the correct username but the wrong password, it reprompts
> correctly.

This case must return a correct 401 error which signals to the browser
to re-prompt.

> Anyone have an idea how to fix this? thank you.

You have to trap the server error and replace it with a 401. I don't
know anything about LDAP so couldn't advise further...

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
> Molly Mears
> Washington College
> Chestertown, Md. 21620
> mmears2@washcoll.edu
> 
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
> 
> 


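Added example, not part of the original messages and not Apache's code: a Python model of the search-then-check flow discussed in this thread, in which an unknown uid and a wrong password both produce the same 401 challenge and 500 is kept for directory faults. The directory contents, realm name and function names are constructed for illustration, and the stored password stands in for the LDAP bind step.

```python
import hmac

# Constructed sample directory: uid -> list of (dn, password) entries.
DIRECTORY = {
    "mmears": [("uid=mmears,ou=people,dc=example,dc=edu", "correct-horse")],
    "dup": [("uid=dup,ou=staff,dc=example,dc=edu", "a"),
            ("uid=dup,ou=students,dc=example,dc=edu", "b")],
}

# Header that tells the browser to re-prompt (realm name is an assumption).
CHALLENGE = {"WWW-Authenticate": 'Basic realm="Restricted"'}


class DirectoryUnavailable(Exception):
    """Raised when the directory cannot be queried at all."""


def search(uid, directory):
    """Return every entry matching uid; zero matches is a normal result."""
    if directory is None:
        raise DirectoryUnavailable("no connection")
    return directory.get(uid, [])


def authenticate(uid, password, directory=DIRECTORY):
    """Return (http_status, headers) for one Basic-auth attempt."""
    try:
        entries = search(uid, directory)
    except DirectoryUnavailable:
        return 500, {}              # genuine server-side fault
    if len(entries) > 1:
        return 500, {}              # ambiguous uid: treated here as a directory problem
    if not entries:
        # Unknown uid is a failed login, not a server fault. Do a dummy
        # comparison so this path does work similar to the known-uid path.
        hmac.compare_digest(password.encode(), b"\x00")
        return 401, dict(CHALLENGE)
    _dn, stored = entries[0]
    if hmac.compare_digest(password.encode(), stored.encode()):
        return 200, {}
    return 401, dict(CHALLENGE)     # same response as the unknown-uid case
```

Because both failure paths return an identical status and header, the response does not reveal whether the uid exists in the directory.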