Bug#257220: apache2-common: mod_auth_ldap does not maintain binding dn between requests

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#257220: apache2-common: mod_auth_ldap does not maintain binding dn between requests
From: Erik Anderson <erikba@teamworkgroup.com>
Date: Thu, 01 Jul 2004 17:45:02 -0700
Message-id: <[🔎] 20040702004502.15047.qmail@knight.vpn>
Reply-to: Erik Anderson <erikba@teamworkgroup.com>, 257220@bugs.debian.org

Package: apache2-common
Version: 2.0.49-1
Severity: normal

I have been attempting to diagnose a difficult-to-reproduce bug within
mod_auth_ldap.  It appears to only search for the requested user using
the specified AuthLDAPBindDN during the first request, all other times
it uses the dn of the most recently successful authentication.  This
does not work if the previously authenticated user does not have the
authority to search for the new user to access the server.

I also appear to have an issue when a bad password is entered for a user
on a web page.  The failure is recorded as a "bad password" error in the
apache2 log (as expected), but all future requests fail with "no such
user" until the web session is closed and re-opened.

I have found a fairly comprehensive description of this bug that applies
to a different auth_ldap module for Apache 1.3, the symptoms I am
exhibiting are very similar.  I was unable to determine how to apply the
specified patch to my apache2 installation.

http://www.suares.com/auth_ldap


-- System Information:
Debian Release: testing/unstable
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.7
Locale: LANG=C, LC_CTYPE=C

Versions of packages apache2-common depends on:
ii  debconf                     1.4.28       Debian configuration management sy
ii  debianutils                 2.8.2        Miscellaneous utilities specific t
ii  libapr0                     2.0.49-1     The Apache Portable Runtime
ii  libc6                       2.3.2.ds1-13 GNU C Library: Shared libraries an
ii  libdb4.2                    4.2.52-16    Berkeley v4.2 Database Libraries [
ii  libexpat1                   1.95.6-8     XML parsing C library - runtime li
ii  libldap2                    2.1.23-1     OpenLDAP libraries
ii  libmagic1                   4.09-1       File type determination library us
ii  libssl0.9.7                 0.9.7d-3     SSL shared libraries
ii  mime-support                3.26-1       MIME files 'mime.types' & 'mailcap
ii  net-tools                   1.60-10      The NET-3 networking toolkit
ii  openssl                     0.9.7d-3     Secure Socket Layer (SSL) binary a
ii  ssl-cert                    1.0-7        Simple debconf wrapper for openssl
ii  zlib1g                      1:1.2.1.1-3  compression library - runtime

-- no debconf information

Reply to:

Prev by Date: Processed: Re: Processed: Re: Bug#257108: apache: /var/lib/apache/mod-bandwidth/ is world writable
Next by Date: Bug#257228: apache2: FTBFS on kfreebsd-i386/sid; needs update config.{sub,guess}, new libtool
Previous by thread: Processed: Re: Processed: Re: Bug#257108: apache: /var/lib/apache/mod-bandwidth/ is world writable
Next by thread: Bug#257228: apache2: FTBFS on kfreebsd-i386/sid; needs update config.{sub,guess}, new libtool
Index(es):
- Date
- Thread