[Auth_ldap] AuthLDAPAuthoritative bug?
tamagawa
tamagawa at osa.att.ne.jp
Sat Dec 10 22:23:23 PST 2005
Hello,
I think I've encountered a bug in auth_ldap1.6.
I'm using auth_ldap with "AuthLDAPAuthoritative off"
on apache 1.3.34 on Linux.
When auth_ldap checks a user's password and the password
is wrong, it should return DECLINED but returns AUTH_REQUIRED.
it seems that line 642 and 672 of auth_ldap.c must be fixed.
They should be
return sec->auth_authoritative? AUTH_REQUIRED: DECLINED:
instead of just returning AUTH_REQUIRED.
Hope this helps somebody else.
--
tamagawa ryuji
tamgawa at osa.att.ne.jp
More information about the Auth_ldap
mailing list