Project

General

Profile

Bug #2345

closed

LDAP authentication problem

Added by jncneo about 9 years ago. Updated over 4 years ago.

Status:
Fixed
Priority:
Normal
Category:
mod_auth
Target version:
ASK QUESTIONS IN Forums:

Description

We are using on our servers lighttpd version 1.4.24 and mod_auth with LDAP backend. In standard situation all works correct: user receive Basic Auth message, enter login / password and login. After this user visit site pages without new Basic Auth messages.

Problem is: When there is high-load on system, lighttpd server sends re-auth requests for some users. In this time I can see in lighttpd error log next messages:

2011-09-15 03:25:06: (http_auth.c.816) ldap: Can't contact LDAP server
2011-09-15 03:25:06: (http_auth.c.880) password doesn't match for /http-bind/ admin , IP: 192.168.1.16
2011-09-15 04:41:07: (http_auth.c.816) ldap: Can't contact LDAP server
2011-09-15 04:41:07: (http_auth.c.880) password doesn't match for /http-bind/ user194 , IP: 192.168.1.15
2011-09-15 06:14:27: (http_auth.c.816) ldap: Can't contact LDAP server
2011-09-15 06:14:27: (http_auth.c.880) password doesn't match for /http-bind/ user199 , IP: 192.168.1.15
2011-09-15 09:29:53: (http_auth.c.816) ldap: Can't contact LDAP server
2011-09-15 09:29:53: (http_auth.c.880) password doesn't match for /http-bind/ admin , IP: 192.168.1.16
2011-09-15 09:55:06: (http_auth.c.771) ldap ...
2011-09-15 09:55:06: (http_auth.c.880) password doesn't match for /http-bind/ Artyom , IP: 192.168.1.16
2011-09-15 09:55:14: (http_auth.c.771) ldap ...
2011-09-15 09:55:14: (http_auth.c.880) password doesn't match for /http-bind/ Artyom , IP: 192.168.1.16
2011-09-15 09:55:21: (http_auth.c.816) ldap: Invalid credentials
2011-09-15 09:55:21: (http_auth.c.880) password doesn't match for /http-bind/ admin , IP: 192.168.1.16

BUT after 1-2 sec all works ok.

I've tried to make a dump of traffic on LDAP port. While lighttpd shows error no requests are sent to LDAP server but it is for sure online in this time because we monitor every restart or downtime of services.


Related issues

Related to Bug #2464: patch for intermittent ldap failuresFixed2012-12-19Actions
#1

Updated by gstrauss over 4 years ago

  • Related to Bug #2464: patch for intermittent ldap failures added
#2

Updated by gstrauss over 4 years ago

  • Category set to mod_auth
  • Status changed from New to Fixed
  • Target version set to 1.4.40

Fixed in r3108. Same issue as #2464.

Also available in: Atom