mod_auth ldap fails after LDAP restart
A restart of the LDAP server without a restart of the lighttpd server causes the mod_auth ldap provider to fail
Systems to use
$OpenLDAP: slapd 2.2.13, lighttpd 1.4.13
Steps to create
1. Secure a page with ldap auth
2. Start openldap, then start lighttpd
4. Shut down OpenLDAP
5. Attempt to log in. You should receive the following error
2007-03-21 16:03:25: (mod_auth.c.624) ldap: Can't contact LDAP server
2007-03-21 16:03:25: (http_auth.c.860) password doesn't match for / tnine
6. Restart ldap
7. Attempt to log in. You should receive the following error. Note that lighttpd does not try to re-establish the connection to the LDAP server.
2007-03-21 16:03:47: (http_auth.c.759) ldap ...
2007-03-21 16:03:47: (http_auth.c.860) password doesn't match for / tnine
8. Restart lighttpd, the authorization now works.
Updated by stbuehler about 11 years ago
The filter is now built correctly; as long as you have all your ldap options (except filter) only in blocks where you set the hostname, reconnect should work without problems too.
And there should have been an error message after "ldap ..."; the source shows:
log_error_write(srv, __FILE__, __LINE__, "ss", "ldap ...", strerror(errno));
Perhaps you could do a strace and see why the ldap connection fails.
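Added example, not part of the original report or of lighttpd's code: a log triage script that separates "password doesn't match" entries caused by an unreachable LDAP backend from ordinary failed logins, so an outage like the one above is not counted as password guessing. It assumes that only the two ldap messages quoted in this report mark a backend error and that the error is logged within one second before the denial; the last sample line and the user `alice` are constructed.

```python
import re
from datetime import datetime, timedelta

# lighttpd error-log line: "<timestamp>: (<source file>.<line>) <message>"
LINE_RE = re.compile(r"^(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d): \(([\w.]+?)\.(\d+)\) (.*)$")
# "password doesn't match for <uri> <user>"
DENY_RE = re.compile(r"^password doesn't match for (\S+) (\S+)$")
# Assumption: only the two ldap messages quoted in the report count as backend errors.
BACKEND_PREFIXES = ("ldap: Can't contact LDAP server", "ldap ...")
WINDOW = timedelta(seconds=1)  # assumption: error is logged at most 1s before the denial

def classify(lines):
    """Return (timestamp, user, cause) for every denied login.

    cause is 'backend' when a backend error line precedes the denial within
    WINDOW, otherwise 'credentials' (no backend error seen nearby).
    """
    results, last_backend_error = [], None
    for raw in lines:
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # not a lighttpd error-log line
        ts = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
        msg = m.group(4)
        if msg.startswith(BACKEND_PREFIXES):
            last_backend_error = ts
            continue
        deny = DENY_RE.match(msg)
        if deny:
            hit = last_backend_error is not None and ts - last_backend_error <= WINDOW
            results.append((m.group(1), deny.group(2), "backend" if hit else "credentials"))
            last_backend_error = None  # one backend error explains one denial
    return results

# First four lines are from the report; the last one is constructed.
SAMPLE = """\
2007-03-21 16:03:25: (mod_auth.c.624) ldap: Can't contact LDAP server
2007-03-21 16:03:25: (http_auth.c.860) password doesn't match for / tnine
2007-03-21 16:03:47: (http_auth.c.759) ldap ...
2007-03-21 16:03:47: (http_auth.c.860) password doesn't match for / tnine
2007-03-21 16:09:02: (http_auth.c.860) password doesn't match for / alice
""".splitlines()

if __name__ == "__main__":
    for ts, user, cause in classify(SAMPLE):
        print(ts, user, cause)
```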