Eric Covener <[EMAIL PROTECTED]> wrote: On Fri, May 9, 2008 at 3:51 PM, Fred Day wrote:
> click "OK" without entering anything for id and password ... if someone does > that, the get back an "Internal Server Error" rather than an "Authorization > Required". Note this does not happen on our apache 1.3 server also running > on linux. > The error in the error logs is basically: > > [Fri May 09 10:21:25 2008] [warn] [client 10.10.10.10] [14460] auth_ldap > authenticate: user authentication failed; URI > /pubdir1/privdir1/dir/page1.pdf [ldap_search_ext_s() for user > failed][Constraint violation], referer: > http://www.mysite.com/humanresources/forms.html > Looks like a bug, there's a special case for empty username but it seems like it's not doing the right test. -- Eric Covener [EMAIL PROTECTED] --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Hi, Eric, thank you for responding. Somehow I did not receive or inadvertantly deleted your second response ( the one with the questions ) but someone forwarded it to me. For summary, you responded " Do you know what LDAP SDK your server is linked with? With LogLevel debug it should be reported at startup. With the version I'm using, the LDAP client is okay with searching for a filter value of "cn=" but yours apparently treats it as an illegal filter. " Changing the log level to debug and restarting gives a "[info] APR LDAP: Built with OpenLDAP LDAP SDK" line. A bit above that is a line: "info] Server: Apache/2.2.2, Interface: mod_nss/2.2.2, Library: NSS/3.11.2 ECC" The openldap client rpm is version 2.3.27-8. Thanks again for any help anyone can provide.
