Ticket #1090 (new defect)

Opened 1 year ago

Last modified 7 months ago

mod_auth ldap fails after LDAP restart

Reported by: todd.nine@gmail.com Assigned to: jan
Priority: high Milestone: 1.4.20
Component: mod_auth Version: 1.4.16
Severity: critical Keywords: mod_auth
Cc: Blocking:
Need Feedback: 0

Description

Error

A restart of the LDAP server without a restart of the lighttpd server causes the mod_auth ldap provider to fail

Systems to use

$OpenLDAP: slapd 2.2.13, lighttpd 1.4.13

Steps to create

1. Secure a page with ldap auth

2. Start openldap, then start lighttpd

3. Authenticate

4. Shutdown open ldap

5. Attempt to log in. You should receive the following error 

2007-03-21 16:03:25: (mod_auth.c.624) ldap: Can't contact LDAP server 
2007-03-21 16:03:25: (http_auth.c.860) password doesn't match for / tnine

6. Restart ldap

7. Attempt to log in. You should receive the following error. Note that lighttpd does not try to re-establish connection to the LDAP server 

2007-03-21 16:03:47: (http_auth.c.759) ldap ...
2007-03-21 16:03:47: (http_auth.c.860) password doesn't match for / tnine

8. Restart lighttpd, the authorization now works.

Attachments

Change History

08/13/2007 04:55:55 PM changed by joerg@netbsd.org

  • pending changed.

The LDAP backend is already trying to re-setup the connection. Are you using SSL for the connection? Otherwise try to find out why the auth_ldap_init fails.

08/16/2007 02:13:49 PM changed by joerg

  • version changed from 1.4.13 to 1.4.16.

OK, I can get this without restart of the server. I'll try to find out where it comes from.

08/21/2007 10:29:27 AM changed by joerg

Todd, are you using conditional evaluation in the lighttd.conf?

11/23/2007 03:19:03 PM changed by anonymous

The cause for this is probably the same as for bugs #529 and #1096.

Add/Change #1090 (mod_auth ldap fails after LDAP restart)




Change Properties