authz_groupfile and authz_user both emit ERROR level messages when
they have require directives, but don't accept the current user.
But they cannot know if authz_core will call other authz providers to
allow access
e.g. groupfile:
t = require_args;
while ((w = ap_getword_conf(r->pool, &t)) && w[0]) {
if (apr_table_get(grpstatus, w)) {
return AUTHZ_GRANTED;
}
}
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01667)
"Authorization of user %s to access %s failed, reason: "
"user is not part of the 'require'ed group(s).",
r->user, r->uri);
Should these (and any others matching the pattern) be dropped to debug?
--
Eric Covener
[email protected]
