On Fri, May 9, 2008 at 3:51 PM, Fred Day <[EMAIL PROTECTED]> wrote: > click "OK" without entering anything for id and password ... if someone does > that, the get back an "Internal Server Error" rather than an "Authorization > Required". Note this does not happen on our apache 1.3 server also running > on linux. > The error in the error logs is basically: > > [Fri May 09 10:21:25 2008] [warn] [client 10.10.10.10] [14460] auth_ldap > authenticate: user authentication failed; URI > /pubdir1/privdir1/dir/page1.pdf [ldap_search_ext_s() for user > failed][Constraint violation], referer: > http://www.mysite.com/humanresources/forms.html >
Looks like a bug, there's a special case for empty username but it seems like it's not doing the right test. -- Eric Covener [EMAIL PROTECTED] --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
