httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Keigo IMAI <syd...@agusa.i.is.nagoya-u.ac.jp>
Subject Re: [users@httpd] problem : mod_authnz_ldap with AuthType Digest
Date Fri, 10 Feb 2006 20:00:51 GMT
David Bell wrote:
> Perhaps you need a AuthDigestProvider line instead of  
> AuthBasicProvider?
Thanks. Now I realized the problem...

As you have pointed out,
Basic AuthType must be used with AuthBasicProvider, and Digest with  
AuthDigestProvider.
(Then, why is it possible to use AuthType Digest with  
AuthBasicProvider??? It works fine on our setting.)

However, I found that AuthDigestProvider does not support LDAP now.
So mod_authnz_ldap can only be used with AuthType Basic.
When I wrote "AuthDigestProvider ldap", I got following and apache  
wouldn't start:
> Syntax error on line 23 of /opt/local/apache2/conf/extra/httpd- 
> dav.conf:
> The 'ldap' Authn provider doesn't support Digest Authentication

Thanks a lot again.

Best regards.

On 2006/02/11, at 4:14(+0900), David Bell wrote:

> I got that error when I didn't have AuthBasicProvider LDAP and  
> using Basic AuthType. Perhaps you need a AuthDigestProvider line  
> instead of AuthBasicProvider?
>
> Cheers,
> Dave
>
> Keigo IMAI wrote:
>
>> Hello,
>>
>> I encountered a problem when using mod_authnz_ldap with digest  
>> password.
>>
>> OS : Mac OS X Server 10.4
>> Apache : 2.2.0
>> (attached config.log)
>>
>> Once I try to get the page with authentication by LDAP and Digest   
>> password
>> (submitting id and pass), then it immediately returns a 500 error  
>> to  my browser.
>>
>> Below is the part of my httpd.conf file.
>>
>>> Alias /uploads "/opt/local/apache2/uploads"
>>>
>>> <Directory "/opt/local/apache2/uploads">
>>>
>>>     Options All
>>>     Order allow,deny
>>>     Allow from all
>>>
>>>     AuthBasicAuthoritative off
>>>
>>>     AuthName upload
>>>
>>>     # switch here ---- Digest or Basic
>>>     AuthType Digest
>>>     #AuthType Basic
>>>     # -------------------------
>>>
>>>     # switch below ---- ldap or file
>>>     AuthBasicProvider ldap
>>>     AuthLDAPURL ldap://osxserver/dc=somewhere,dc=jp?uid
>>>     AuthzLDAPAuthoritative off
>>>
>>>     #AuthBasicProvider file
>>>     #AuthUserFile "/opt/local/apache2/user.passwd"
>>>     # -------------------------------
>>>
>>>     require valid-user
>>>
>>> </Directory>
>>
>>
>> And when I accessed to:
>> http://<www>/uploads/
>> then I got a 500 error.
>>
>> Apache2 says:
>>
>>> [Sat Feb 11 02:57:39 2006] [error] Internal error: pcfg_openfile 
>>> ()  called with NULL filename
>>> [Sat Feb 11 02:57:39 2006] [error] [client xxx.yyy.zzz.www] (9) 
>>> Bad  file descriptor: Could not open password file: (null)
>>
>> (when loglevel is 'debug')
>>
>> ...However, it works fine when I switch to:
>>   1. "AuthType Basic"
>> or,
>>   2. "AuthBasicProvider file"
>> respectively, like the comment of above fragment of conf file.
>> So I am sure that all modules including mod_authnz_ldap and   
>> mod_auth_digest are loaded properly.
>>
>> And more, I guess that the combination of mod_authnz_ldap with  
>> Digest  password causes this.
>> Is there anyone who encountered this problem?
>> ...or, is this an OSX specific bug?
>>
>> Any help will be appreciated.
>> (And, sorry for my unskilled English.)
>>
>> regards,
>> Keigo IMAI
>>
>> --------------------------------------------------------------------- 
>> ---
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP Server  
>> Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>
>
> -- 
>         ______
>        /_____/\
>       /____ \\ \       David Richard Bell
>      /_____\ \\ /      Web Project Manager
>     /_____/ \/ / /     Web Experience and Design
>    /_____/ /   \//\    500 Eldorado Blvd. UBRM05-A350
>    \_____\//\   / /    Broomfield, CO. 80021
>     \_____/ / /\ /     Phone 1-303-547-3375 / x51534
>      \_____/ \\ \      Email: D.Bell@Sun.com
>       \_____\ \\
>        \_____\/
>
>
>
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server  
> Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message