You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2013/09/04 18:04:06 UTC
[Bug 55523] New: auth_groupfile error log on access even though
successful
https://issues.apache.org/bugzilla/show_bug.cgi?id=55523
Bug ID: 55523
Summary: auth_groupfile error log on access even though
successful
Product: Apache httpd-2
Version: 2.4.6
Hardware: PC
Status: NEW
Severity: trivial
Priority: P2
Component: mod_authz_groupfile
Assignee: bugs@httpd.apache.org
Reporter: bgleason@mwgl.org
When I have Nested Require values in an htaccess, it present what I would
consider unconventional logging in the error log.
.htgroups file
administrators: admin
users: user1 user2 user3
For ex.
<RequireAll>
<RequireAny>
Require group users
Require group administrators
</RequireAny>
<RequireAny>
Require host Machine1.domain.net
Require host Machine2.domain.net
Require host Machine3.domain.net
Require host Machine4.domain.net
Require host Machine5.domain.net
Require host Machine6.domain.net
</RequireAny>
</RequireAll>
if I attempt to log into the virtualhost site from a valid system based on the
"require host" even though I am able to access the site, it presents this in
the error log.
[Wed Sep 04 10:39:33.159477 2013] [authz_groupfile:error] [pid 1740:tid 928]
[client 172.20.103.47:60413] AH01667: Authorization of user admin to access /
failed, reason: user is not part of the 'require'ed group(s).
[Wed Sep 04 10:39:33.315732 2013] [authz_groupfile:error] [pid 1740:tid 928]
[client 172.20.103.47:60413] AH01667: Authorization of user admin to access
/index.php/Main_Page failed, reason: user is not part of the 'require'ed
group(s).
[Wed Sep 04 10:39:33.315732 2013] [authz_groupfile:error] [pid 1740:tid 928]
[client 172.20.103.47:60413] AH01667: Authorization of user admin to access
/Main_Page failed, reason: user is not part of the 'require'ed group(s).
[Wed Sep 04 10:39:33.596991 2013] [authz_groupfile:error] [pid 1740:tid 928]
[client 172.20.103.47:60413] AH01667: Authorization of user admin to access
/load.php failed, reason: user is not part of the 'require'ed group(s).,
referer: http://Wikisite/index.php/Main_Page
[Wed Sep 04 10:39:33.753246 2013] [authz_groupfile:error] [pid 1740:tid 932]
[client 172.20.103.47:60414] AH01667: Authorization of user admin to access
/load.php failed, reason: user is not part of the 'require'ed group(s).,
referer: http://Wikisite/index.php/Main_Page
[Wed Sep 04 10:39:34.393892 2013] [authz_groupfile:error] [pid 1740:tid 932]
[client 172.20.103.47:60414] AH01667: Authorization of user admin to access
/favicon.ico failed, reason: user is not part of the 'require'ed group(s).
Some would say, yeah duh, he is not a member of the "users" group so it is
erroring based on that, but he is a member of the administrators group making
it successful, but what I am considering the error/bug is that it is showing
that as an error even though the authentication end result was SUCCESS.
Not sure if that would need to be flipped to debugging functionality where
authz_user, authz_host, authz_groupfile, etc. only log errors when the end
result is a failure and if the end result is success, log individual require
failures only when error logging is in debug mode...
Hope my quandary makes since.
Thanks...
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 55523] auth_groupfile error log on access even though
successful
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=55523
--- Comment #5 from Eric Covener <co...@gmail.com> ---
It looks to me like I missed the problematic error message and fixed two
others. Will be post-2.4.12.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 55523] auth_groupfile error log on access even though
successful
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=55523
--- Comment #2 from Brian Gleason <bg...@mwgl.org> ---
After reviewing that linked bug, it sounds spot on. Since my server is running
on win32 I can't readily make a change and recompile, but the
description/explanation matches..
Thanks...
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 55523] auth_groupfile error log on access even though
successful
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=55523
Eric Covener <co...@gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |NEEDINFO
OS| |All
--- Comment #1 from Eric Covener <co...@gmail.com> ---
looks like a match for this, needs to be backported:
http://mail-archives.apache.org/mod_mbox/httpd-dev/201308.mbox/%3CCALK=YjPxFcLWKd7_WzMuwZ3O8XD9Zas-2UvAgm8w4hoCqK80HQ@mail.gmail.com%3E
http://svn.apache.org/viewvc?view=revision&revision=r1517366
Can you confirm?
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 55523] auth_groupfile error log on access even though
successful
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=55523
Eric Covener <co...@gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Keywords| |FixedInTrunk
Status|NEEDINFO |NEW
--- Comment #3 from Eric Covener <co...@gmail.com> ---
Thanks, I have proposed it for backport into the next stable 2.4.x
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 55523] auth_groupfile error log on access even though
successful
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=55523
--- Comment #4 from Schultz IT Solutions <it...@schultz.ch> ---
Hello,
We are running Apache 2.4.10 on a windows environment.
And we are still getting (lots of) these messages in APACHE error log (although
the user actually CAN AND DOES access all the named files). So to me it looks
like this bug is not solved in APACHE 2.4.10-windows
Is there any chance of getting this fixed (as this really fills up our error
logs)?
Regards
Ruediger Schultz
Schultz IT Solutions
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org