
[Bug 62448] New: Sometimes auth_ldap failed with "User not found", restart works


            Bug ID: 62448
           Summary: Sometimes auth_ldap failed with "User not found",
                    restart works
           Product: Apache httpd-2
           Version: 2.4.6
          Hardware: All
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: mod_authnz_ldap
          Assignee: bugs@xxxxxxxxxxxxxxxx
          Reporter: mizeng@xxxxxxxx
  Target Milestone: ---

[Basic Info]
mod_ldap version: 2.4.6
OS: CentOS Linux release 7.3.1611
LDAP related config in httpd conf:
Include conf.modules.d/*.conf
LoadModule ldap_module modules/mod_ldap.so
LoadModule authnz_ldap_module modules/mod_authnz_ldap.so

LDAPVerifyServerCert Off

<Directory /import/home/sqlrpt/reports>
    Options Indexes ExecCGI FollowSymlinks
    Order deny,allow
    Deny from All
    AuthType Basic
    AuthName "Login with user id and prod pwd"
    AuthBasicProvider ldap
    AuthLDAPBindDN "xxx"
    AuthLDAPBindPassword pwd
    Require valid-user
    Satisfy any
</Directory>

[Problem detail]
Recently I've enabled ldap auth in Apache Httpd. It works well, but I found one

1. When httpd is restarted, the LDAP auth works well, with the logs below:
mod_authnz_ldap.c(501): [client xxx:6118] AH01691: auth_ldap authenticate:
using URL ldaps://ldap.vip/...(memberOf=cn=...,*))
mod_authnz_ldap.c(593): [client xxx:6118] AH01697: auth_ldap authenticate:
accepting mizeng
mod_authz_core.c(809): [client xxx:6118] AH01626: authorization result of
Require valid-user : granted

2. However, after some time, when I try to view the same page, it pops up a
login window again. I cannot pass auth even after many retries. It shows user
not found, with the logs below:
mod_authnz_ldap.c(501): [client xxx:37460] AH01691: auth_ldap authenticate:
using URL ldaps://ldap.vip/...(&(objectClass=posixAccount)(memberOf=cn=...,*))
[authnz_ldap:info] [pid 4868] [client xxx:37460] AH01695: auth_ldap
authenticate: user mizeng authentication failed; URI /reports/ [User not
found][No such object]
[auth_basic:error] [pid 4868] [client] AH01618: user mizeng
not found: /reports/

3. I've no idea why; I just restart httpd, and then it works well. But some
time later, the same problem occurs again.

I've checked source code in
seems the code does not match the log above (say, line 501, I can not find this
Could anyone help on this?
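
Added example (not part of the original report and not httpd code): to tell the pattern described above, a user accepted with AH01697 and later rejected with AH01695 "User not found", apart from a login that never existed, the two messages can be correlated per user in the error log. It assumes one entry per line in httpd 2.4's default error log layout and a LogLevel that records AH01697; find_regressions and the sample lines are constructed for illustration.

```python
import re
from datetime import datetime

# Constructed sample: timestamps, pids, client addresses and the user "nosuch"
# are made up; the message text follows the AH01697/AH01695 lines in the report.
SAMPLE_LOG = """\
[Mon Jun 11 09:00:01.120000 2018] [authnz_ldap:debug] [pid 4801] mod_authnz_ldap.c(593): [client 192.0.2.10:6118] AH01697: auth_ldap authenticate: accepting mizeng
[Mon Jun 11 09:05:40.500000 2018] [authnz_ldap:info] [pid 4801] [client 192.0.2.11:6200] AH01695: auth_ldap authenticate: user nosuch authentication failed; URI /reports/ [User not found][No such object]
[Mon Jun 11 13:42:07.300000 2018] [authnz_ldap:info] [pid 4868] [client 192.0.2.10:37460] AH01695: auth_ldap authenticate: user mizeng authentication failed; URI /reports/ [User not found][No such object]
[Mon Jun 11 13:42:15.900000 2018] [authnz_ldap:info] [pid 4868] [client 192.0.2.10:37461] AH01695: auth_ldap authenticate: user mizeng authentication failed; URI /reports/ [User not found][No such object]
[Mon Jun 11 14:10:02.000000 2018] [authnz_ldap:debug] [pid 5120] mod_authnz_ldap.c(593): [client 192.0.2.10:40100] AH01697: auth_ldap authenticate: accepting mizeng
[Mon Jun 11 18:30:44.250000 2018] [authnz_ldap:info] [pid 5133] [client 192.0.2.10:41522] AH01695: auth_ldap authenticate: user mizeng authentication failed; URI /reports/ [User not found][No such object]
"""

TS = re.compile(r"^\[(\w{3} \w{3} +\d+ [\d:.]+ \d{4})\]")
PID = re.compile(r"\[pid (\d+)")
ACCEPT = re.compile(r"AH01697: auth_ldap authenticate: accepting (\S+)")
NOT_FOUND = re.compile(r"AH01695: auth_ldap authenticate: user (\S+) "
                       r"authentication failed; .*\[User not found\]")

def find_regressions(log_text):
    """One episode per run of 'User not found' that follows an accept for that user."""
    last_ok, open_ep, episodes = {}, {}, []
    for line in log_text.splitlines():
        ts = TS.match(line)
        if not ts:
            continue  # continuation of a wrapped entry, or another log format
        when = datetime.strptime(ts.group(1), "%a %b %d %H:%M:%S.%f %Y")
        ok = ACCEPT.search(line)
        if ok:
            last_ok[ok.group(1)] = when
            open_ep.pop(ok.group(1), None)  # a success closes the open episode
            continue
        bad = NOT_FOUND.search(line)
        if not bad or bad.group(1) not in last_ok:
            continue  # users never accepted in this log are not regressions
        user = bad.group(1)
        if user not in open_ep:
            open_ep[user] = {"user": user, "last_ok": last_ok[user],
                             "first_fail": when, "fail_count": 0, "pids": set()}
            episodes.append(open_ep[user])
        ep = open_ep[user]
        ep["fail_count"] += 1
        pid = PID.search(line)
        if pid:
            ep["pids"].add(int(pid.group(1)))  # which httpd children failed
    return episodes
```

Each returned episode carries the last accept time, the first failure time, the failure count and the child pids involved, which is the timing information a report like this one would attach.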
