httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Klaus Darilion <klaus.mailingli...@pernau.at>
Subject [users@httpd] Temporarily authentication errors with auth_dbd and postgres
Date Wed, 02 Dec 2015 21:11:20 GMT
Hi!

I have a weird problem with Apache basic auth using a DB backend (Apache
2.4.7-1ubuntu4.8 on Ubuntu 14.04 authenticating against a Postgresql 8.4
server).

Usually it works fine:

Browser                    Apache             DB
|--POST w/o credentials ---->|                |
|<--------401----------------|                |
|--POST w credentials ------>|                |
|                            |---SELECT .. -->|
|                            |<-- pw-hash ----|
|<--------200----------------|                |

But every 10th request (sometimes earlier, sometimes later) I see the
following scenario:

Browser                    Apache             DB
|--POST w/o credentials ---->|                |
|<--------401----------------|                |
|--POST w credentials ------>|                |
|                            |---SELECT .. -->|
|                            |<-- pw-hash ----|
|<--------401----------------|                |

Although the DB returns the same password-hash as always, and the
browser sends the correct credentials (as in the working scenario),
Apache replies with 401.

I enabled dumpio and set logging to trace7 but could not spot anything
suspect. I also used tcpdump and captured the whole DB-related traffic:
no TCP problems, everthing is fine.

For testing I moved all users to a local AuthUserFile and then
everything works fine.

I had the same setup running for years without problems on Ubuntu 10.04
with Apache 2.2.14, were Apache was running on the same host as the DB.

I would really appreciate any hints what I could add to my debugging to
find the cause of this problem.

Thanks
Klaus

the config is simple:

<VirtualHost 83.136.34.15:443 2a02:850:8::15:443>
        ...
        DBDriver pgsql
        DBDParams "dbname=...."
        DBDMin  1
        DBDKeep 2
        DBDMax  20
        DBDExptime 300

        <Location /soap>
                AuthType Basic
                AuthName "API"
                AuthBasicProvider dbd
                AuthDBDUserPWQuery "SELECT password FROM accounts WHERE
username = %s"
                Require valid-user
                php_value include_path
".:/usr/share/php:/usr/share/pear:/var/www/api-test"
        </Location>
        ...
</VirtualHost>


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message