Project

General

Profile

Actions

Bug #1090

closed

mod_auth ldap fails after LDAP restart

Added by Anonymous almost 18 years ago. Updated over 16 years ago.

Status:
Fixed
Priority:
Normal
Category:
mod_auth
Target version:
ASK QUESTIONS IN Forums:

Description

Error

A restart of the LDAP server without a restart of the lighttpd server causes the mod_auth ldap provider to fail

Systems to use

$OpenLDAP: slapd 2.2.13, lighttpd 1.4.13

Steps to create

1. Secure a page with ldap auth

2. Start openldap, then start lighttpd

3. Authenticate

4. Shutdown open ldap

5. Attempt to log in. You should receive the following error


2007-03-21 16:03:25: (mod_auth.c.624) ldap: Can't contact LDAP server 
2007-03-21 16:03:25: (http_auth.c.860) password doesn't match for / tnine

6. Restart ldap

7. Attempt to log in. You should receive the following error. Note that lighttpd does not try to re-establish connection to the LDAP server


2007-03-21 16:03:47: (http_auth.c.759) ldap ...
2007-03-21 16:03:47: (http_auth.c.860) password doesn't match for / tnine

8. Restart lighttpd, the authorization now works.

-- todd.nine

Actions #1

Updated by Anonymous over 17 years ago

The LDAP backend is already trying to re-setup the connection. Are you using SSL for the connection? Otherwise try to find out why the auth_ldap_init fails.

-- joerg

Actions #2

Updated by joerg over 17 years ago

OK, I can get this without restart of the server. I'll try to find out where it comes from.

Actions #3

Updated by joerg over 17 years ago

Todd, are you using conditional evaluation in the lighttd.conf?

Actions #4

Updated by Anonymous about 17 years ago

The cause for this is probably the same as for bugs #529 and #1096.

Actions #5

Updated by stbuehler over 16 years ago

The filter is now build correctly; as long as you have all your ldap options (except filter) only in blocks where you set the hostname, reconnect should work without problems too.

And there should have been a error message after "ldap ..."; the source shows:


log_error_write(srv, __FILE__, __LINE__, "ss", "ldap ...", strerror(errno));

Perhaps you could do a strace and see why the ldap connection fails.

Actions #6

Updated by stbuehler over 16 years ago

  • Status changed from New to Fixed
  • Resolution set to duplicate

Remaining problems should be fixed with #1066.

Actions

Also available in: Atom