[Auth_ldap] auth retry bug patch
Ken Yap
ken.yap at optusnet.com.au
Sun Aug 21 19:15:24 PDT 2005
This may have been posted before, maybe I didn't look hard enough, but
this bug prevents the browser from giving the user another chance to
login if the username is invalid. Here's the patch against 1.6.0.
--- auth_ldap-1.6.0/auth_ldap.c.orig 2001-07-05 00:38:03.000000000 +1000
+++ auth_ldap-1.6.0/auth_ldap.c 2005-08-22 11:11:49.220673054 +1000
@@ -596,6 +596,9 @@
filtbuf, ldap_err2string(result), r->uri);
RELMUTEX(conf->mtx);
RELMUTEX(sec->ldc->mtx);
+ /* ask user again, this wasn't done in upstream version */
+ if (sec->auth_authoritative)
+ ap_note_basic_auth_failure(r);
return sec->auth_authoritative? AUTH_REQUIRED : DECLINED;
}
@@ -612,6 +615,9 @@
ldap_msgfree(res);
RELMUTEX(conf->mtx);
RELMUTEX(sec->ldc->mtx);
+ /* ask user again, this wasn't done in upstream version */
+ if (sec->auth_authoritative)
+ ap_note_basic_auth_failure(r);
return sec->auth_authoritative? AUTH_REQUIRED: DECLINED;
}
More information about the Auth_ldap
mailing list