Bug #1090

mod_auth ldap fails after LDAP restart

Added by Anonymous almost 13 years ago. Updated over 11 years ago.

Target version:
Start date:
Due date:
% Done:


Estimated time:
Missing in 1.5.x:



A restart of the LDAP server without a restart of the lighttpd server causes the mod_auth ldap provider to fail

Systems to use

$OpenLDAP: slapd 2.2.13, lighttpd 1.4.13

Steps to create

1. Secure a page with ldap auth

2. Start openldap, then start lighttpd

3. Authenticate

4. Shutdown open ldap

5. Attempt to log in. You should receive the following error

2007-03-21 16:03:25: (mod_auth.c.624) ldap: Can't contact LDAP server 
2007-03-21 16:03:25: (http_auth.c.860) password doesn't match for / tnine

6. Restart ldap

7. Attempt to log in. You should receive the following error. Note that lighttpd does not try to re-establish connection to the LDAP server

2007-03-21 16:03:47: (http_auth.c.759) ldap ...
2007-03-21 16:03:47: (http_auth.c.860) password doesn't match for / tnine

8. Restart lighttpd, the authorization now works.

-- todd.nine


Updated by Anonymous over 12 years ago

The LDAP backend is already trying to re-setup the connection. Are you using SSL for the connection? Otherwise try to find out why the auth_ldap_init fails.

-- joerg


Updated by joerg over 12 years ago

OK, I can get this without restart of the server. I'll try to find out where it comes from.


Updated by joerg over 12 years ago

Todd, are you using conditional evaluation in the lighttd.conf?


Updated by Anonymous about 12 years ago

The cause for this is probably the same as for bugs #529 and #1096.


Updated by stbuehler over 11 years ago

The filter is now build correctly; as long as you have all your ldap options (except filter) only in blocks where you set the hostname, reconnect should work without problems too.

And there should have been a error message after "ldap ..."; the source shows:

log_error_write(srv, __FILE__, __LINE__, "ss", "ldap ...", strerror(errno));

Perhaps you could do a strace and see why the ldap connection fails.


Updated by stbuehler over 11 years ago

  • Status changed from New to Fixed
  • Resolution set to duplicate

Remaining problems should be fixed with #1066.

Also available in: Atom