httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tony Clark <tony.cl...@rsp.com.au>
Subject [users@httpd] mod_authnz_ldap - seemingly authenticating, but not working...
Date Sun, 24 Sep 2006 01:33:52 GMT
hi all,

I'm trying to use this module to authenticate a web site here from my  
ldap server.  When accessing the site, it pops up the authentication  
dialog, takes my info and then rather than letting me into the site,  
sends me to the authentication dialog again (endlessly).

The authentication appears to work fine, and a query of the same  
credentials using ldapsearch from the web server works fine.

I'm stumped and haven't seen anything like this out there elsewhere  
on google either...  Could anyone see anywhere where I've gone wrong  
here?

The only thing I see potentially wierd is that the ldap server logs:

ldap_read: want=8 error=Resource temporarily unavailable
ber_get_next on fd 12 failed errno=11 (Resource temporarily unavailable)

during the transation...

Many thanks,

Tony


 From access_log.wiki after a successful login:

203.0.153.46 - - [24/Sep/2006:09:08:19 +0930] "GET / HTTP/1.1" 401 482
203.0.153.46 - tony [24/Sep/2006:09:08:23 +0930] "GET / HTTP/1.1" 401  
482

 From error_log.wiki after an unsuccessful login:

[Sun Sep 24 08:49:38 2006] [warn] [client 203.0.153.46] [12211]  
auth_ldap authenticate: user tony authentication failed; URI /  
[ldap_simple_bind_s() to check user credentials failed][Invalid  
credentials]
[Sun Sep 24 08:49:38 2006] [error] [client 203.0.153.46] user tony:  
authentication failure for "/": Password Mismatch

(there's nothing in there after a successful login)

My host config:

<VirtualHost *:80>
     ServerAdmin webmaster@x.x.x.x
     DocumentRoot /var/www/html/wiki
     ServerName wiki.cine.net.au
     ErrorLog logs/error_log.wiki
     CustomLog logs/access_log.wiki common

<Location "/">
   AuthType Basic
   AuthName "Admin Access"
   AuthBasicProvider ldap
   AuthzLDAPAuthoritative on
   AuthLDAPURL ldap://x.x.x.x/dc=cine,dc=net,dc=au?uid?sub? 
(objectClass=*)
   require valid-user
</Location>

</VirtualHost>

More LDAP debugs (cut down):

<= send_search_entry: conn 0 exit.
send_ldap_result: conn=0 op=1 p=3
send_ldap_response: msgid=2 tag=101 err=0
ber_flush: 14 bytes to sd 12
   0000:  30 0c 02 01 02 65 07 0a  01 00 04 00 04 00          
0....e........
ldap_write: want=14, written=14
   0000:  30 0c 02 01 02 65 07 0a  01 00 04 00 04 00          
0....e........
connection_get(12): got connid=0
connection_read(12): checking for input on id=0
ber_get_next
ldap_read: want=8, got=8
   0000:  30 3f 02 01 03 60 3a 02                            0?...`:.
ldap_read: want=57, got=57
   0000:  01 03 04 2b 63 6e 3d 54  6f 6e 79 20 43 6c 61 72   ... 
+cn=Tony Clar
   0010:  6b 2c 6f 75 3d 75 73 65  72 73 2c 64 63 3d 63 69    
k,ou=users,dc=ci
   0020:  6e 65 2c 64 63 3d 6e 65  74 2c 64 63 3d 61 75 80    
ne,dc=net,dc=au.
   0030:  08 xx xx xx xx xx xx xx                         .xxxxxxx
ber_get_next: tag 0x30 len 63 contents:
ber_get_next
ldap_read: want=8 error=Resource temporarily unavailable
ber_get_next on fd 12 failed errno=11 (Resource temporarily unavailable)
do_bind
ber_scanf fmt ({imt) ber:
ber_scanf fmt (m}) ber:
 >>> dnPrettyNormal: <cn=Tony Clark,ou=users,dc=cine,dc=net,dc=au>
<<< dnPrettyNormal: <cn=Tony Clark,ou=users,dc=cine,dc=net,dc=au>,  
<cn=tony clark,ou=users,dc=cine,dc=net,dc=au>
do_bind: version=3 dn="cn=Tony Clark,ou=users,dc=cine,dc=net,dc=au"  
method=128
bdb_dn2entry("cn=tony clark,ou=users,dc=cine,dc=net,dc=au")
do_bind: v3 bind: "cn=Tony Clark,ou=users,dc=cine,dc=net,dc=au" to  
"cn=Tony Clark,ou=users,dc=cine,dc=net,dc=au"
send_ldap_result: conn=0 op=2 p=3
send_ldap_response: msgid=3 tag=97 err=0
ber_flush: 14 bytes to sd 12
   0000:  30 0c 02 01 03 61 07 0a  01 00 04 00 04 00          
0....a........
ldap_write: want=14, written=14
   0000:  30 0c 02 01 03 61 07 0a  01 00 04 00 04 00          
0....a........



tony clark
director - tony.clark@rsp.com.au
---------------------------------------------------------------
rising sun pictures - www.rsp.com.au
redefining visual effects delivery
---------------------------------------------------------------
address	level 1 / 180 pulteney street
		adelaide south australia 5000
---------------------------------------------------------------
adelaide ph +61 8 8400 6400 fax +61 8 8400 6401
sydney    ph +61 2 9338 6400 fax +61 2 9338 6401
---------------------------------------------------------------
rising sun research - http://research.rsp.com.au
---------------------------------------------------------------




Mime
View raw message