[Auth_ldap] Random "Authorization Required"-error although valid entry exists
Martin Sigbjörn
martin.sigbjorn at arrowhead.se
Wed Feb 21 01:40:26 PST 2001
> Martin Sigbjörn <martin.sigbjorn at arrowhead.se> writes:
>
> > auth_ldap on my Apache-server has problems when searching for entries in
my
> > LDAP-directory. Sometimes it reports (through the Apache log file) that
it
> > cannot find a particular entry although the entry exists in my
directory,
> > resulting in the "Authorization Required" error-message. But the next
time
> > it finds the entry and I have no problem. I can't see any pattern. The
error
> > appears to happen randomly.
>
> It almost sounds like a LDAP cache issue. Try disabling the search cache
> and see if it helps at all. Or upgrade to auth_ldap 1.5.x, which
> bypasses the LDAP SDK's cache in favor of an internal cache that's tuned
> specifically for auth_ldap.
I tried to disable caching by setting the "AuthLDAPCacheSize = -1" (for
version 1.4.7) but this had no effect. I still get the same random errors.
Maybe I'm setting this directive in the wrong place in my httpd.conf. I've
placed the directive in the virtual host clause for my server, like this:
<VirtualHost xxx.xxx.xxx.xxx:xxx>
AuthLDAPCacheSize -1
</VirtualHost>
Is that correct?
I then tried to upgrade to auth_ldap 1.5.3. First I had some problems when
running the configure-script. Maybe there's some errors in that script. I
had to modify the script and then the Makefile. Like this:
In "configure" I had to comment out the following lines:
#test -z "$APXS" && { echo "configure: error: Cannot build auth_ldap without
a valid apxs program" 1>&2; exit 1; }
#$APXS -q CFLAGS > /dev/null
When examing the script I noticed that $APXS evaluates to "yes" here, and
therefore the configure-script stalls here. I then ran configure like this:
$ ./configure --with-apxs
/usr/local/apache_1.3.12/bin/apxs --with-sdk=openldap --with-sdk-headers=/us
r/include --with-sdk-libs=/usr/lib
Then, in the Makefile, I replaced "APXS=yes" with APXS=/path/to/apxs. Any
comments on these problems? Anyway, after solving this I was able to "make"
and "make install". I then edited the httpd.conf and removed the
"AuthLDAPCacheSize" directive. But I had the same errors as with the this
version (1.5.3) as the previous (1.4.7). I also tried to set the
"AuthLDAPCacheSize" = 0 (to disable search cache in 1.5.3 right?), but with
no success.
Well, what could be the problem?
Kind regards
/Martin Sigbjörn
More information about the Auth_ldap
mailing list