httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Eric Covener" <cove...@gmail.com>
Subject Re: [users@httpd] Sudden "Can't Contact LDAP Server"
Date Mon, 19 Jan 2009 20:49:04 GMT
On Mon, Jan 19, 2009 at 2:37 PM, Oliver Marshall
<oliver.marshall@g2support.com> wrote:
> Hi chaps,
> We are seeing a problem with the server giving end users an "internal error"
> page at random when viewing trac sites or checking out SVN files. If you hit
> F5 a few times, for between 1 and 10'ish seconds, the pages start being
> served up again. This isn't awful in a browser, but for people using SVN via
> a piece of client software, which may not have an F5 alternative, it's bad
> as they just get an error.
>
>
>
> When this occurs the apache error.log shows very little other than "Can't
> contact ldap server". The debug listing from the error.log is below.
>
>
>
> ****************************
>
> 139874420-[Mon Jan 19 18:16:56 2009] [info] Initial (No.1) HTTPS request
> received for child 4 (server dev.company.com:443)
>
> 139874531-[Mon Jan 19 18:16:56 2009] [debug] mod_authnz_ldap.c(373): [client
> 10.1.37.13] [21455] auth_ldap authenticate: using URL
> ldap://10.1.37.250:389/OU=Users,OU=Company
> LLP,DC=company,DC=local?sAMAccountName?sub?(objectClass=*), referer:
> https://dev.company.com/trac/technical/report
>
> 139874804:[Mon Jan 19 18:16:56 2009] [warn] [client 10.1.37.13] [21455]
> auth_ldap authenticate: user john.blogs authentication failed; URI
> /trac/technical/newticket [LDAP: ldap_simple_bind_s() failed][Can't contact
> LDAP server], referer: https://dev.company.com/trac/technical/report
>
> 139875080-[Mon Jan 19 18:16:56 2009] [debug] ssl_engine_kernel.c(1770):
> OpenSSL: Write: SSL negotiation finished successfully
>
> 139875196-[Mon Jan 19 18:16:56 2009] [info] [client 10.1.37.13] Connection
> closed to child 4 with standard shutdown (server dev.company.com:443)
>
> 139875329-[Mon Jan 19 18:16:56 2009] [info] [client 10.1.37.13] Connection
> to child 3 established (server dev.company.com:443)

Can you easily reproduce this _and_ easily rebuild your httpd with a
patch? The current code retries in rapid succession without any delay.
Interesting that based on the context this seemed to happen on a "new"
child process.

I'd be interestedif you've ever been able to capture this under a
packet trace -- does the connection attempt ever hit the wire?

Finally, i'd expect openldap bugs would be the ones of interest,
unless I'm misunderstanding.

-- 
Eric Covener
covener@gmail.com

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message