You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by bn...@apache.org on 2002/09/19 01:38:30 UTC
cvs commit: httpd-2.0/modules/experimental mod_auth_ldap.c
bnicholes 2002/09/18 16:38:30
Modified: modules/experimental mod_auth_ldap.c
Log:
If the user passed invalid credentials (user id or password) and auth_ldap is
authoritative, allow the user to retry. This is consistent with the other auth
modules. It previously only allowed a retry if the password was invalid.
Revision Changes Path
1.7 +2 -2 httpd-2.0/modules/experimental/mod_auth_ldap.c
Index: mod_auth_ldap.c
===================================================================
RCS file: /home/cvs/httpd-2.0/modules/experimental/mod_auth_ldap.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- mod_auth_ldap.c 30 Jul 2002 19:38:11 -0000 1.6
+++ mod_auth_ldap.c 18 Sep 2002 23:38:30 -0000 1.7
@@ -280,12 +280,12 @@
"[%d] auth_ldap authenticate: "
"user %s authentication failed; URI %s [%s][%s]",
getpid(), r->user, r->uri, ldc->reason, ldap_err2string(result));
- if (LDAP_INVALID_CREDENTIALS == result) {
+ if ((LDAP_INVALID_CREDENTIALS == result) || sec->auth_authoritative) {
ap_note_basic_auth_failure(r);
return HTTP_UNAUTHORIZED;
}
else {
- return sec->auth_authoritative? HTTP_UNAUTHORIZED: DECLINED;
+ return DECLINED;
}
}