DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=40075>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=40075 ------- Additional Comments From [EMAIL PROTECTED] 2007-01-15 11:55 ------- Sadly, you'll never get that far. In particular, when you get here, around line 571 in httpd-2.2.3: /* Search failed, log error and return failure */ if(result != LDAP_SUCCESS) { ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, "auth_ldap authorise: User DN not found, %s", ldc->reason); return sec->auth_authoritative? HTTP_UNAUTHORIZED : DECLINED; } you'll return. Our proposed AuthLDAPRequireDN (off) patch allows this return to be bypassed. Just below this code is where the requirements array is traversed, so if we can't get there, no requirements can be checked. Perhaps this return is an oversight, and there's no need for AuthLDAPRequireDN? The comment at 547: /* * If we have been authenticated by some other module than mod_auth_ldap, * the req structure needed for authorization needs to be created * and populated with the userid and DN of the account in LDAP */ certainly suggests that it may be OK to rely on an external authN, but obviously the code at 571 requires that the user exist in LDAP. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
