[Auth_ldap] Re: Authldap
dave at rudedog.org
Mon Nov 6 09:45:54 PST 2000
I believe that this is a bug with auth_ldap, but I haven't tracked down
what to do about it. There is a workaround. Make sure you also have
mod_auth loaded, and make sure that auth_ldap gets loaded after
mod_auth. Then, add the following directives:
Basically, a failed auth will then pass the auth attempt to mod_auth,
which behaves correctly. Since mod_auth uses /dev/null for its password
file, it'll never actually authenticate anybody.
Dave Carrigan (dave at rudedog.org) | Yow! I just got my PRINCE bumper
UNIX-Apache-Perl-Linux-Firewalls-LDAP-C-DNS | sticker.. But now I can't
Seattle, WA, USA | remember WHO he is...
"Paul Burnet" <p.burnet at cranfield.ac.uk> writes:
> I am sorry to bother you but I was trying to implement authldap on our
> webserver. The only problem we have is that if you have entered in the
> wrong username and password internet explorer will continue to supply the
> same credentials until the browser is shutdown and restarted. From what we
> can see the initial time you contact the webserver you recieve an
> www-authenticate in the header but after supplying some creditials this is
> no longer supplied.
> Netscape works fine we are assuming that internet explorer uses the
> www-authenticate to prompt the user for credentials while netscape can
> understand just a standard 401 message. Is there anywhere in the source
> code that we could change so that we always get a the www-authenticate
> response header whenever authentication fails (Whether no credentials or
> invalid ones are).
> I hope that you can help
More information about the Auth_ldap