httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Neil A. Hillard" <>
Subject [users@httpd] Proxy error caoused by mod_authnz_ldap?
Date Mon, 04 Feb 2008 11:37:33 GMT

	I'm experiencing a problem that I think might be related to

I have a virtualhost configured with the following:

 ProxyPass /jobs/

 <Location /jobs/>
  AuthType basic
  AuthName "Jobs Administration"
  AuthBasicProvider ldap
  AuthzLDAPAuthoritative on

  Require ldap-user username

  RequestHeader unset Authorization
LogLevel debug

Access generally works but occasionally returns a proxy error with a
reason of 'Error reading from remote server' however a packet capture
shows that Apache didn't even try to establish a connection to

I've upped the logging level to debug and the following is what's logged:

[Mon Feb 04 11:06:54 2008] [debug] mod_authnz_ldap.c(373): [client] [28349] auth_ldap authenticate: using URL
[Mon Feb 04 11:06:54 2008] [debug] mod_authnz_ldap.c(454): [client] [28349] auth_ldap authenticate: accepting username,
[Mon Feb 04 11:06:54 2008] [debug] mod_authnz_ldap.c(611): [client] [28349] auth_ldap authorise: require user: authorisation
successful, referer:
[Mon Feb 04 11:06:54 2008] [debug] mod_proxy_http.c(54): proxy: HTTP:
canonicalising URL //
[Mon Feb 04 11:06:54 2008] [debug] proxy_util.c(1335): [client] proxy: http: found worker for, referer:
[Mon Feb 04 11:06:54 2008] [debug] mod_proxy.c(756): Running scheme http
handler (attempt 0)
[Mon Feb 04 11:06:54 2008] [debug] mod_proxy_http.c(1662): proxy: HTTP:
serving URL
[Mon Feb 04 11:06:54 2008] [debug] proxy_util.c(1755): proxy: HTTP: has
acquired connection for (
[Mon Feb 04 11:06:54 2008] [debug] proxy_util.c(1815): proxy: connecting to
[Mon Feb 04 11:06:54 2008] [debug] proxy_util.c(1908): proxy: connected
/public/jobs/admin/index.asp to
[Mon Feb 04 11:06:54 2008] [debug] proxy_util.c(2098): proxy: HTTP:
connection complete to (
[Mon Feb 04 11:06:54 2008] [info] [client] (32)Broken pipe:
core_output_filter: writing data to the network
[Mon Feb 04 11:06:54 2008] [error] [client] proxy: error
reading status line from remote server, referer:
[Mon Feb 04 11:06:54 2008] [error] [client] proxy: Error
reading from remote server returned by /jobs/index.asp, referer:
[Mon Feb 04 11:06:54 2008] [debug] proxy_util.c(1773): proxy: HTTP: has
released connection for (

It seems to imply that the connection to the backend server failed
although no packets are ever sent to that server!  The packet capture
shows that the 502 is returned to the client 434 micro-seconds after the
 ldap call returned a success!

I have another virtual host configured on the same server, with an
almost identical configuration except that it has no authentication
configured.  This site has procesed thousands of requests this morning
and not one error!  Whereas the troublesome site has returned 35 errors
out of 443 requests!

Going directly to the backend server works all the time!

One other difference that I've just thought of with this backend server
is that it has two IP addresses (for historical reasons).  Is that known
to cause any problems?

I'm currently running CentOS 5 with Apache 2.2.3 (including all the
patches that RedHat have backported).

Any advice on this problem would be very much appreciated.

Many thanks in advance,


Neil Hillard          

Disclaimer: This message does not necessarily reflect the
            views of Westland Helicopters Ltd.

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message