httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dirk van Deun <>
Subject Re: [users@httpd] RE: [EXT] [users@httpd] AuthLDAPInitialBindAsUser etc.
Date Mon, 08 May 2017 08:48:31 GMT

I should have given more context.  I am trying to protect a directory
of static content using the standard login dialog of the browser,
purely via .htaccess.  So there is no form to check.

I have an alternative solution that does wrap everything using a php
script and that functions fine, but that's overkill for static content.



> Hi Dirk
> You can perform some client-side javascript validation to make sure password field is
not empty before submitting form.
> Thanks & Regards
> Siddharth Sinha
> Associate IT Application Specialist
> Office: 8955329
> On-Call: +917774036954
> ________________________________
> ________________________________
> -----Original Message-----
> From: Dirk van Deun [] 
> Sent: Monday, May 08, 2017 1:41 PM
> To:
> Subject: [EXT] [users@httpd] AuthLDAPInitialBindAsUser etc.
> Hi all,
> I have a 90% solution for authenticating against an ldap server that does not allow unauthenticated
binds, but I'm looking for the last 10%.  I am using AuthLDAPInitialBindAsUser on, AuthLDAPSearchAsUser
on and AuthLDAPCompareAsUser on, and that works brilliantly as long as the user enters a password,
either correct or incorrect.
> However, if the user types a user name but no password, this is in effect still an attempt
to use unauthenticated bind, which fails, and the user gets an Internal Server Error; and
even worse is that reloading the page immediately gives a new Internal Server Error.  The
user has to close the browser and restart it before trying again.
> How do I prevent that from happening ?
> Best,
> Dirk van Deun
> --

Dirk van Deun
Ceterum censeo Redmond delendum

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message