You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by co...@apache.org on 2013/08/25 21:07:11 UTC

svn commit: r1517366 - in /httpd/httpd/trunk: CHANGES modules/aaa/mod_authz_groupfile.c modules/aaa/mod_authz_user.c

Author: covener
Date: Sun Aug 25 19:07:11 2013
New Revision: 1517366

URL: http://svn.apache.org/r1517366
Log:
Don't log AUTHZ_DENIED failures at ERROR level in authz providers


Modified:
    httpd/httpd/trunk/CHANGES
    httpd/httpd/trunk/modules/aaa/mod_authz_groupfile.c
    httpd/httpd/trunk/modules/aaa/mod_authz_user.c

Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=1517366&r1=1517365&r2=1517366&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Sun Aug 25 19:07:11 2013
@@ -1,6 +1,10 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.5.0
 
+  *) mod_authz_groupfile, mod_authz_user: Reduce severity of AH01671 and AH01663
+     from ERROR to DEBUG, since these modules do not know what mod_authz_core
+     is doing with their AUTHZ_DENIED return value. [Eric Covener]
+
   *) mod_authnz_fcgi: New module to enable FastCGI authorizer
      applications to authenticate and/or authorize clients.
      [Jeff Trawick]

Modified: httpd/httpd/trunk/modules/aaa/mod_authz_groupfile.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/aaa/mod_authz_groupfile.c?rev=1517366&r1=1517365&r2=1517366&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/aaa/mod_authz_groupfile.c (original)
+++ httpd/httpd/trunk/modules/aaa/mod_authz_groupfile.c Sun Aug 25 19:07:11 2013
@@ -248,7 +248,7 @@ static authz_status filegroup_check_auth
         return AUTHZ_DENIED;
     }
 
-    ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01671)
+    ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(01671)
                   "Authorization of user %s to access %s failed, reason: "
                   "user is not part of the 'require'ed file group.",
                   r->user, r->uri);

Modified: httpd/httpd/trunk/modules/aaa/mod_authz_user.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/aaa/mod_authz_user.c?rev=1517366&r1=1517365&r2=1517366&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/aaa/mod_authz_user.c (original)
+++ httpd/httpd/trunk/modules/aaa/mod_authz_user.c Sun Aug 25 19:07:11 2013
@@ -62,7 +62,7 @@ static authz_status user_check_authoriza
         }
     }
 
-    ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01663)
+    ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(01663)
                   "access to %s failed, reason: user '%s' does not meet "
                   "'require'ments for user to be allowed access",
                   r->uri, r->user);