You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by "gray.ro" <gr...@gmail.com> on 2021/07/27 10:18:27 UTC
[users@httpd] Apache 2.4 / Basic authentication using LDAP, 500 error occured when
wrong user or password.
I'm using CentOS 8 Stream + Apache 2.4 + Subversion + openldap.
I want to allow access to SVN only for users who belong to a specific
LDAP group (svn-users) using basic authentication.
I have a problem.
I get a 500 Internal Server Error, when I enter wrong ID or Password
to basic authentication dialog in the browser.
In this case, basic authentication dialog doesn't reappear.
To retry input ID and Passwrod, I must restart the browser.
I expected basic authentication dialog reappar.
When 500 error occured, "AH01796: AuthType Basic configured without
corresponding module" appears in my error_log.
But auth_basic_module is included in "httpd -t -M".
I don’t know what is wrong.
Does anyone know how to solve this error?
# config
----------------------------------------
<Location /svn/svn-test>
DAV svn
SVNPath /usr/local/svn/svn-test
LogLevel debug
AuthLDAPBindDN <MyAdmin>
AuthLDAPBindPassword <MyAdminPassword>
LDAPReferrals off
AuthLDAPBindAuthoritative off
AuthType Basic
AuthName "Subversion repository(LDAP)"
AuthBasicAuthoritative off
AuthUserFile /dev/null
AuthBasicProvider ldap
AuthzSVNAccessFile /usr/local/svn/svn-test/authzsvn.conf
AuthLDAPGroupAttributeIsDN off
AuthLDAPGroupAttribute memberUid
AuthLDAPUrl ldap://192.168.100.110/ou=People,dc=my,dc=svn,dc=local?uid
Require ldap-group cn=svn-users,ou=Groups,dc=my,dc=svn,dc=local
</Location>
----------------------------------------
# error_log
----------------------------------------
[Tue Jul 20 21:55:55.187406 2021] [authz_svn:info] [pid 195900:tid
140586669557504] [client 192.168.100.120:56967] Access granted: - GET
(null)
[Tue Jul 20 21:55:55.187474 2021] [authz_core:debug] [pid 195900:tid
140586669557504] mod_authz_core.c(820): [client 192.168.100.120:56967]
AH01626: authorization result of Require ldap-group
cn=svn-users,ou=Groups,dc=my,dc=svn,dc=local: denied (no authenticated
user yet)
[Tue Jul 20 21:55:55.187484 2021] [authz_core:debug] [pid 195900:tid
140586669557504] mod_authz_core.c(820): [client 192.168.100.120:56967]
AH01626: authorization result of <RequireAny>: denied (no
authenticated user yet)
[Tue Jul 20 21:55:58.763087 2021] [authz_core:debug] [pid 195900:tid
140586635986688] mod_authz_core.c(820): [client 192.168.100.120:56967]
AH01626: authorization result of Require ldap-group
cn=svn-users,ou=Groups,dc=my,dc=svn,dc=local: denied (no authenticated
user yet)
[Tue Jul 20 21:55:58.763150 2021] [authz_core:debug] [pid 195900:tid
140586635986688] mod_authz_core.c(820): [client 192.168.100.120:56967]
AH01626: authorization result of <RequireAny>: denied (no
authenticated user yet)
[Tue Jul 20 21:55:58.763159 2021] [authnz_ldap:debug] [pid 195900:tid
140586635986688] mod_authnz_ldap.c(523): [client
192.168.100.120:56967] AH01691: auth_ldap authenticate: using URL
ldap://192.168.100.110/ou=People,dc=my,dc=svn,dc=local?uid
[Tue Jul 20 21:55:58.765260 2021] [authnz_ldap:debug] [pid 195900:tid
140586635986688] mod_authnz_ldap.c(561): [client
192.168.100.120:56967] AH01694: auth_ldap authenticate: user svnuser
authentication failed; URI /svn/svn-test/ [ldap_simple_bind() to check
user credentials failed][Invalid credentials] (not authoritative)
[Tue Jul 20 21:55:58.765297 2021] [authn_core:error] [pid 195900:tid
140586635986688] [client 192.168.100.120:56967] AH01796: AuthType
Basic configured without corresponding module
----------------------------------------
# module include
----------------------------------------
[root@my-redmine conf.d]]# httpd -t -M | grep auth
auth_basic_module (shared)
auth_digest_module (shared)
authn_anon_module (shared)
authn_core_module (shared)
authn_dbd_module (shared)
authn_dbm_module (shared)
authn_file_module (shared)
authn_socache_module (shared)
authz_core_module (shared)
authz_dbd_module (shared)
authz_dbm_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_owner_module (shared)
authz_user_module (shared)
authnz_ldap_module (shared)
authz_svn_module (shared)
[root@my-redmine conf.d]]#
----------------------------------------
I asked this question in ServerFault, but no one answer to me yet.
https://serverfault.com/questions/1070167/apache-2-4-and-ldap-basic-authentication-issues
I tryed below.
-----------------------------------------
LDAPReferrals on/off
https://stackoverflow.com/questions/29378054/configuring-ldap-on-apache-2-4-on-a-window-server-authenticating-against-anothe
AuthBasicAuthoritative on/off
https://www.spinics.net/lists/apache-users/msg115998.html
I'm not using ldaps
https://stackoverflow.com/questions/48280297/converting-apache-2-2-to-apache-2-4-ldap-authentication
-----------------------------------------
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org