Bug#758513: fails to authenticate if multiple LDAP results match, misleading error message
On Sunday 05 October 2014 12:04:12, Daniel Pocock wrote:
> The bug report is not for the behavior (I agree it makes sense to
> deny the login), it is a problem with the error message.
>
> The error message says "user daniel not found" - but for this
> particular case, the error should be something like "multiple
> entries in the directory match the filter for digest username
> daniel"
Assuming that this concerns apache2 2.4.x: That message comes from
mod_auth_basic. There is no API that mod_authnz_ldap could use to pass
a different error message to mod_auth_basic. mod_authnz_ldap should
however log a more detailed message at level debug. (Try "Loglevel
authnz_ldap:debug") Did that not work, did you not try that, or would
you argue that the message should be at a different log level?
Reply to: