On 05/10/14 18:56, Stefan Fritsch wrote:
> On Sunday 05 October 2014 12:04:12, Daniel Pocock wrote:
>> The bug report is not for the behavior (I agree it makes sense to
>> deny the login), it is a problem with the error message.
>>
>> The error message says "user daniel not found" - but for this
>> particular case, the error should be something like "multiple
>> entries in the directory match the filter for digest username
>> daniel"
>
> Assuming that this concerns apache2 2.4.x: That message comes from
> mod_auth_basic. There is no API that mod_authnz_ldap could use to pass
> a different error message to mod_auth_basic. mod_authnz_ldap should
> however log a more detailed message at level debug. (Try "Loglevel
> authnz_ldap:debug") Did that not work, did you not try that, or would
> you argue that the message should be at a different log level?
>

I hadn't tried debug logging.

I feel that more detail should be available at the level of the error itself. If that really is impossible, then "user X not found" could become "error finding user X, enable debug for more detail". "not found" is misleading.

In my case, this was a system that had been working fine for a long time and then somebody made a subtle change to the LDAP structure and the message "user daniel not found" didn't help me locate the root cause of the problem as quickly as I would have liked.

