Posted to users@httpd.apache.org by Molly Mears <mm...@washcoll.edu> on 2004/03/23 17:07:07 UTC

[users@httpd] Ldap authorization - solved thank you

Thanks. This inadvertently fixed my problem. I added an ErrorDocument and 
got a new error...it was trying to verify the user using the error 
document, I guess because I have AuthLDAPAuthoritative Off. I added an 
empty password file to check and now it reprompts for the user. Thanks for 
the help!

--On Tuesday, March 23, 2004 4:21 PM +0100 Boyle Owen <Ow...@swx.com> 
wrote:

>> -----Original Message-----
>> From: Molly Mears [mailto:mmears2@washcoll.edu]
>>
>> I have added Ldap authorization to my .htaccess files. It is working fine,
>> with one annoying glitch. If a user enters their uid incorrectly, they get
>> an Internal Server Error and the error log shows "Search must return
>> exactly 1 entry; found 0 entries for search (&(objectclass=*)(uid=mmears)):
>> URI /mears".
>
> The correct response for a failed login attempt is "401 Authorization
> Required". Since the browser doesn't get this (it gets 500 Internal
> Server Error), it thinks that the credentials are OK and so caches them
> for re-use later.
>
>> If you enter the correct username but the wrong password, it reprompts
>> correctly.
>
> This case must return a correct 401 error which signals to the browser
> to re-prompt.
>
>> Anyone have an idea how to fix this? thank you.
>
> You have to trap the server error and replace it with a 401. I don't
> know anything about LDAP so couldn't advise further...
>
> Rgds,
> Owen Boyle
> Disclaimer: Any disclaimer attached to this message may be ignored.
>
>>
>> Molly Mears
>> Washington College
>> Chestertown, Md. 21620
>> mmears2@washcoll.edu
>>
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP
>> Server Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>>



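
The fix described in this thread, written out as an added example (not configuration posted by anyone on the list). It assumes Apache 2.0 with mod_auth_ldap and mod_auth loaded; the LDAP host, base DN, realm name and file path are placeholders.

```apache
# Two alternative .htaccess files, shown together for comparison only.
# All values below are constructed placeholders.

# ---- Before: an unknown uid ends in 500 Internal Server Error ----
# mod_auth_ldap finds 0 entries for the uid. With AuthLDAPAuthoritative Off
# it declines instead of answering 401, and no other auth module is
# configured to take over, so the request fails with a server error.
AuthType Basic
AuthName "Example Realm"
AuthLDAPURL ldap://ldap.example.edu/ou=people,dc=example,dc=edu?uid
AuthLDAPAuthoritative Off
require valid-user

# ---- After: an unknown uid gets 401 and the browser re-prompts ----
AuthType Basic
AuthName "Example Realm"
AuthLDAPURL ldap://ldap.example.edu/ou=people,dc=example,dc=edu?uid
AuthLDAPAuthoritative Off
# Fallback for mod_auth. The file exists but is empty, so no name can
# match in it and mod_auth (authoritative by default) answers 401.
# Keep it outside the DocumentRoot and not writable by the server's user:
# any entry added to this file becomes a login that never touches LDAP.
AuthUserFile /usr/local/apache2/conf/empty.passwd
require valid-user
```

If nothing needs to authenticate outside LDAP, leaving AuthLDAPAuthoritative at its default of On makes mod_auth_ldap return the 401 itself and the fallback file is unnecessary.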