>> suggesting, please let me know.
>>
>> In addition to the user name I need the LDAP DN of the user in the
>> custom log. That's available in mod_auth_ldap but not exposed. I
>> propose to modify modules/ldap/util_ldap.c:uldap_cache_comparedn() to
>>
r in the
> custom log. That's available in mod_auth_ldap but not exposed. I
> propose to modify modules/ldap/util_ldap.c:uldap_cache_comparedn() to
> (optionally?) store the DN in a "LDAP_DN" environment variable which can
> then be shown in the custom log and used in oth
the user in the
custom log. That's available in mod_auth_ldap but not exposed. I
propose to modify modules/ldap/util_ldap.c:uldap_cache_comparedn() to
(optionally?) store the DN in a "LDAP_DN" environment variable which can
then be shown in the custom log and used in other ways.
isnt A
Sorry if this has been discussed before. I couldn't find past mentions
after searching the archives. If there's a better way than what I'm
suggesting, please let me know.
In addition to the user name I need the LDAP DN of the user in the
custom log. That's available in m
I tried just this one:
http://www.muquit.com/muquit/software/mod_auth_ldap/mod_auth_ldap_apache2.html
I think that's compile but the make doesn't work. I tried to contact the
author he doesn't answer...
2007/10/23, Joe Lewis <[EMAIL PROTECTED]>:
>
> There was a 3.11
u do realize that a section on that website said :
> >
> > [quote]
> > *-NOTICE-*
> >
> > If you are looking for the module for *Apache 2.0.x*, please visit
> the
> > page mod_auth_ldap_apache2.html
> > <
> >
> htt
karim Bendadda wrote:
> I see that's why id doesn't work...
>
> muquit.com is the website where I found the mod_auth_ldap... It explains how
> to install it and how it works
>
Well, I have it running on 2.2 on a BSD server. It helps to get the
right package from tha
>>> On 3/24/2006 at 2:56:01 am, in message
<[EMAIL PROTECTED]>, [EMAIL PROTECTED]
wrote:
> Hi everybody,
>
> I would like to enhance this module to be able to match the username
in
> more than one attribut in an "OR" condition.
>
> Currently, this module uses the AuthLDAPURL:
>
> AuthLDAPURL
>
l
On Fri, March 24, 2006 11:56 am, Emmanuel Lacour said:
> I would like to enhance this module to be able to match the username in
> more than one attribut in an "OR" condition.
> I'm okay to provide a patch, but I would like to know your opinion on
> those 2 way.
This sounds rather useful :)
Reg
Hi everybody,
I would like to enhance this module to be able to match the username in
more than one attribut in an "OR" condition.
Currently, this module uses the AuthLDAPURL:
AuthLDAPURL
ldap://server/searchbase?attribute_containing_the_login?scope?additionnal_filter
it constructs the filter l
On Fri, Sep 23, 2005 at 03:46:27PM +0200, [EMAIL PROTECTED] wrote:
> First let me start with the problem I encountered while implementing
> mod_auth_ldap on a freebsd 5.4 system (apache 2.0.54).
>
> Of course I have my apache2 daemon running as the www user. When starting
>
Hi all,
Please bare with me while I try to explain my question
First let me start with the problem I encountered while implementing
mod_auth_ldap on a freebsd 5.4 system (apache 2.0.54).
Of course I have my apache2 daemon running as the www user. When starting
the server, the
ser,
ldap-group, etc. You can also mix and match different types of
authorization with authentication. The quick fix for Apache 2.0 is to
set "AuthAuthoritative off" so that if the mod_auth authorization fails,
it will defer to mod_auth_ldap which will work.
Brad
>>> [EMAIL PRO
2.0 is to
set "AuthAuthoritative off" so that if the mod_auth authorization fails,
it will defer to mod_auth_ldap which will work.
Brad
>>> [EMAIL PROTECTED] Tuesday, November 30, 2004 5:35:29 AM >>>
Sorry if this belongs in the users group, it's a query, but
Sorry if this belongs in the users group, it's a query, but a query about
the working of the code.
I've filed a bug (32426) but am trying to fix it myself.
What I've found is that if user_is_dn is set (AuthLDAPRemoteUserIsDN in an
.htaccess file) then
mod_auth_ldap sets r->us
I just produced a patch that seems to fix the remaining issues for bug
24437.
--
Jess Holle
Hi all,
I've been having some odd behaviour from mod_auth_ldap, wondering if
anybody else has come across this.
If you configure basic authentication against LDAP, it seems to work
fine. You can log in with a correct password, and it lets you in. You
can log in with an incorrect passwor
I just fixed this in the 2.1-dev tree and I am close to backporting
it to the 2.0 branch. Please see:
http://marc.theaimsgroup.com/?l=apache-cvs&m=108077454119081&w=2
http://marc.theaimsgroup.com/?l=apache-cvs&m=108077387904346&w=2
Brad
Brad Nicholes
Senior Software Engineer
Novell, Inc., t
After a poor response on the user list, I'll try it here:
http://article.gmane.org/gmane.comp.apache.user/36334
Thanks.
--
[EMAIL PROTECTED] (Andrew A. Raines)
er and and password. Then the
hourglass keeps turning until timeout. I found not log in httpd.log or
ldap to directly indicate any errors. I wonder how I can trun on more
debug message, and how I can go about to debug the mod_auth_ldap modules?
Regards,
Anthony
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi All,
I posted a bug report at
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=24683
If you have firther questions, I will be available.
Cheers,
ace
website: http://www.suares.nl * http://www.qwikzite.nl
-BEGIN PGP SIGNATURE-
Versio
Wether I am using Apache 1.3 with mod_auth_ldap 1.6.0 (from Rudedog) or Apache
2.0 with the distributed auth_ldap module (which is, as I understand, based
on the rudedog module), I am experiencing the same problems.
Over at the [EMAIL PROTECTED] mailinglist, we analyzed the problem with
help op Br
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Oh... thank you for pointing that out. I *might* have done that, I hate typing
emailaddresses :-)
I'll post the article once again, properly.
_Ace
>
> weird... the old thread has subject "the wheel of httpd-dev life is surely
> slowing down, sol
Ace Suares wrote:
BTW, when you reply to a post on some topic and then change the subject, in
many mail clients your post will appear in the thread of that old topic.
That seems to be the case with this new thread.
Hmm... very intersting.
I was not aware that I replied to a post on this list or
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
> Ace Suares wrote:
> > Wether I am using Apache 1.3 with mod_auth_ldap 1.6.0 (from Rudedog) or
> > Apache 2.0 with the distributed auth_ldap module (which is, as I
> > understand, based on the rudedog module), I am experiencing
Ace Suares wrote:
Wether I am using Apache 1.3 with mod_auth_ldap 1.6.0 (from Rudedog) or Apache
2.0 with the distributed auth_ldap module (which is, as I understand, based
on the rudedog module), I am experiencing the same problems.
BTW, when you reply to a post on some topic and then change
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi All,
Wether I am using Apache 1.3 with mod_auth_ldap 1.6.0 (from Rudedog) or Apache
2.0 with the distributed auth_ldap module (which is, as I understand, based
on the rudedog module), I am experiencing the same problems.
Over at the [EMAIL
I am now 99% certain the issue is in Microsoft's LDAP SDK. See the bug
comments for details.
Can this be fixed in the next Apache 2.0.x? [The bug comments include
my code changes albeit not done nicely enough to be a patch.]
--
Jess Holle
Jess Holle wrote:
Sorry to ping this group in additio
Sorry to ping this group in addition to filing a bug (#24437), but I'm
in bad shape here.
I know I have customers who have directories filled with uids with
backslashes (\) embedded in them (from an NT domain name heritage).
Apache 2.0.47 over-escapes these whereas Apache 1.3.x with auth_ldap
Ok, so I'm running 2.0.47 with mod_ldap, mod_auth_ldap, and a bunch of
other modules. I've already stumbled across the mod_ldap problems and
I've disabled caching entirely (LDAPCacheEntries 0) and LDAP
authentication seems to work generally.
However, when I ldap-protect a Locat
At 01:52 PM 3/26/2003, Jeff Trawick wrote:
>MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1) wrote:
>>This is probably the cause.
>>[If strnicmp is available on a platform, but strncasecmp is not, then it's
>>#defined in apr_general.h]
>>diff -r1.8.2.4 mod_auth_ldap.c
>>823c823
>>< if (strnicmp(url, "l
MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1) wrote:
This is probably the cause.
[If strnicmp is available on a platform, but strncasecmp is not, then it's
#defined in apr_general.h]
--Madhu
Index: mod_auth_ldap.c
===
RCS file: /home/cvsp
This is probably the cause.
[If strnicmp is available on a platform, but strncasecmp is not, then it's
#defined in apr_general.h]
--Madhu
Index: mod_auth_ldap.c
===
RCS file: /home/cvspublic/httpd-2.0/modules/experimental/mod_auth_l
"Andre Schild" <[EMAIL PROTECTED]> wrote:
>Better when we find a " in the line, use those as quotes.
>If no " are found, then use the blanks as separarators. (And this
>automatically disallows usernames with blanks in them.)
I agree, that will be clear.
>
>>BTW, how the other apache authenticati
> [EMAIL PROTECTED] 16.03.2003 21:45:12 >>>
>>Graham Leggett <[EMAIL PROTECTED]> wrote:
>Then your idea to use "'s and have only one check is probably a
solution
>or we can have an extra option to specify how this "require user User1
User2 .."
> to be interpreted - as a single value or as a list
Graham Leggett <[EMAIL PROTECTED]> wrote:
>Yavor Trapkov wrote:
>
>> - firstly, it checks if the whole string "User1 User2 .." matches the CN
>> of the
>> authenticated user and as this is a very rear situation it almost always
>> fails so each time we request a page, the WEB server sends a L
Yavor Trapkov wrote:
- firstly, it checks if the whole string "User1 User2 .." matches the CN
of the
authenticated user and as this is a very rear situation it almost always
fails so each time we request a page, the WEB server sends a LDAP
query as this
is never cached as a negative result
it sould be it would be a good thing for apache
-Kyle
www.kyleserver.com
- Original Message -
From: "Yavor Trapkov" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, March 16, 2003 12:28 AM
Subject: [patch]2 : mod_auth_ldap doesn't effectively use t
LDAP authentication has an important place, especially for big organizations with
a complex web environment. Since the mod_auth_ldap is an experimental module with
apache 2.0.x it it not part of some big distributions (an example - RH 8.0).
I think the mod_auth_ldap shoud be developed and supported
mmon use, and not
having the cache here the access to web site becomes much slower.
The change I propose is rather semantical and should be easy implemented.
Regards
Yavor Trapkov
Graham Leggett <[EMAIL PROTECTED]> wrote:
>Yavor Trapkov wrote:
>
>> mod_auth_ldap doesn'
Yavor Trapkov wrote:
mod_auth_ldap doesn't effectively use the cache with "require user User1
User2
.." directives
Why not just use "require group"?
Regards,
Graham
--
-
[EMAIL PROTECTED]
mod_auth_ldap doesn't effectively use the cache with "require user User1
User2
.." directives
What the module does:
- firstly, it checks if the whole string "User1 User2 .." matches the
CN of the
authenticated user and as this is a very rear situation it almost alway
fixes go. I would still like to back port the SSL changes
and then propose that mod_auth_ldap be moved out of experimental.
Brad
Brad Nicholes
Senior Software Engineer
Novell, Inc., the leading provider of Net business solutions
http://www.novell.com
>>> [EMAIL PROTECTED] Wednesday, Fe
Joseph Ferner wrote:
Should this directive be LDAPCACertificateFile instead of LDAPTrustedCA
to match the naming convention of mod_ssl.
+1
Regards,
Graham
--
-
[EMAIL PROTECTED] "There's a moon
over Bourbon Street
tonight..."
I think the changes are great but I was wondering...
> - Added new generic SSL directives to mod_ldap:
> LDAPTrustedCA - specifies the Trusted Certificate Authority
> used for SSL server cert verification.
Should this directive be LDAPCACertificateFile instead of LDAPTrustedCA
to match
Jeff Trawick wrote:
Graham Leggett wrote:
Brad Nicholes wrote:
> - Added a support framework (using #defines) for multiple vendor LDAP
> SDKs. The framework currently supports the SDKs from Novell,
NetScape,
> OpenLDAP, and Microsoft. (Spent significant time testing compiling
and
> runnin
>makefiles will need to be updated to comply with the #defines values
in
>apr_ldap.h.in (Unix) and apr_ldap.hw (Win32). Could somebody on
those
>platforms fix the makefiles?
If no one is faster, I could do the win32 part during the next 3-4
days.
André
Hi -
>-- Original Message --
>Reply-To: [EMAIL PROTECTED]
>Date: Fri, 14 Feb 2003 08:45:33 -0700
>From: "Brad Nicholes" <[EMAIL PROTECTED]>
>To: <[EMAIL PROTECTED]>,<[EMAIL PROTECTED]>
>Subject: Re: Standarizing mod_auth_ldap across LDAP
I believe that the starttls concept is exactly as you say. Using
starttls you should be able to take an existing connection and upgrade
it to an SSL connection. But as far as I can see, the starttls concept
was never designed into mod_auth_ldap nor does the user interface
support it. If
Graham Leggett wrote:
Brad Nicholes wrote:
> - Added a support framework (using #defines) for multiple vendor LDAP
> SDKs. The framework currently supports the SDKs from Novell, NetScape,
> OpenLDAP, and Microsoft. (Spent significant time testing compiling and
> running with the various SDKs
Brad Nicholes wrote:
Over the last couple of weeks one of our Novell LDAP SDK engineers
took a look at mod_auth_ldap to try to standardize it across various
SDKs especially with regards to SSL.
Cool!
- Added a support framework (using #defines) for multiple vendor LDAP
SDKs. The
On Thu, 13 Feb 2003, Brad Nicholes wrote:
> - Added a support framework (using #defines) for multiple vendor LDAP
> SDKs. The framework currently supports the SDKs from Novell, NetScape,
> OpenLDAP, and Microsoft. (Spent significant time testing compiling and
> running with the various SDKs
Hi Brad -
the only suggestion I would have is to try to support SOME backward compatibility
(e.g. if StartTLS directive is used switch the url to ldaps or something
like that).
Looks like great progress for the software, though - I too would like to
see it committed.
sterling
Over the last couple of weeks one of our Novell LDAP SDK engineers
took a look at mod_auth_ldap to try to standardize it across various
SDKs especially with regards to SSL. I believe that these changes will
simplify configuring SSL for mod_auth_ldap and also isolate the SSL
functionality to
Looking through the docs for mod_auth_ldap and then finally the code, I
could not see a way to specify the certificates used to connect with a
secure ldap server. Is there a way to specify these values that I am
not aware of?
I know when using OpenLDAP's ldapsearch you can use a ldaprc fi
On Wednesday, January 22, 2003, at 08:57 AM, Justin Erenkrantz wrote:
--On Wednesday, January 22, 2003 5:39 PM +0100 Dirk-Willem van Gulik
<[EMAIL PROTECTED]> wrote:
One 'ultimate' way to proof how much sense it would make is by
using it to do simply/do some clever apache/tomcat connection
po
--On Wednesday, January 22, 2003 5:39 PM +0100 Dirk-Willem van Gulik
<[EMAIL PROTECTED]> wrote:
One 'ultimate' way to proof how much sense it would make is by
using it to do simply/do some clever apache/tomcat connection
pooling.
For that, you should use apr_reslist_t. IIRC, it was written for
> In fact, I thought that was the original plan. I recall that some
> people weren't too comfortable with the pooling code in APR-util.
> But, I still think it makes sense... -- justin
One 'ultimate' way to proof how much sense it would make is by using it to
do simply/do some clever apache/tom
--On Wednesday, January 22, 2003 8:54 AM +0200 Graham Leggett
<[EMAIL PROTECTED]> wrote:
mod_ldap is a connection pool and query cache, and can be reused by
other apache modules that require ldap, such as a potential
DAV-ldap module, or a proxy_ldap module, so no - I'd say a
combination would be
wrote:
> mod_ldap is a connection pool and query cache, and can be reused by
> other apache modules that require ldap, such as a potential DAV-ldap
> module, or a proxy_ldap module, so no - I'd say a combination would
be a
> bad idea.
>
> In addition, combining mod_ldap into mo
.
>
> In addition, combining mod_ldap into mod_auth_ldap makes it hard to
> split auth_ldap into authn and authz.
+1 to that; (though perhaps mod_ldap needs to be called libldap) - ldap is
useful for a lot of other things as well; including integration into
systems like RSASecurID, SiteMinder and e
Brad Nicholes wrote:
While we are on the subject of splitting auth_ldap, does it still make
sense to have mod_auth_ldap and mod_ldap? Would it make more sense to
combine these two modules. It seems that the split was initially due to
trying to include the ldap connection caching in apr-util
While we are on the subject of splitting auth_ldap, does it still make
sense to have mod_auth_ldap and mod_ldap? Would it make more sense to
combine these two modules. It seems that the split was initially due to
trying to include the ldap connection caching in apr-util. Since that
is no longer
Will it be the same for user, or will he had to add more modules when
he will compile his apache ?
I understand it will be the same when he will setup the authentication,
the Directives will be the same, but if the user forget to compile
authn, maybe i will not understand why some directives ar
Estrade Matthieu wrote:
I read the discussion for few messages, i am not an apache developper,
so i will speak as a user. IMHO, Splitting into two modules will make
auth more complex. actually, it's not really easy to setup, and the
documentation is not always up to date.
The configuration fo
wrote:
Graham Leggett wrote:
Justin Erenkrantz wrote:
No, you don't *have* to split them into different modules. One
module could register for both authn/authz providers. The only
reason we split was because their wasn't a lot of shared code
between the other auth modules. I thin
Graham Leggett wrote:
Justin Erenkrantz wrote:
No, you don't *have* to split them into different modules. One
module could register for both authn/authz providers. The only
reason we split was because their wasn't a lot of shared code between
the other auth modules. I think mod
+1 for splitting auth_ldap into authz/authn. We will be releasing our
mod_edir module that provides an alternative authorization service for
auth_ldap. It relies on mod_auth_ldap for authentication and then
enforces access control through mod_edir. It it currently implemented
by adding an "
> All (or most) of the shared code is in mod_ldap already. It should be
> relatively easy to split mod_auth_ldap into mod_authn_ldap and
> mod_authz_ldap.
Perhaps we need to go into the terminilogy that modules which have no
handlers (except init, etc) or no directives are called somet
Justin Erenkrantz wrote:
No, you don't *have* to split them into different modules. One module
could register for both authn/authz providers. The only reason we split
was because their wasn't a lot of shared code between the other auth
modules. I think mod_auth_ldap has a lot
--On Friday, January 17, 2003 9:59 AM +0200 Graham Leggett
<[EMAIL PROTECTED]> wrote:
If I were to change mod_auth_ldap to use the new authz/authn system
in v2.1, I have to split mod_auth_ldap into mod_authn_ldap (the
is-password-correct part) and mod_authz_ldap (group-membership
part)
Hi all,
If I were to change mod_auth_ldap to use the new authz/authn system in
v2.1, I have to split mod_auth_ldap into mod_authn_ldap (the
is-password-correct part) and mod_authz_ldap (group-membership part). Am
I correct?
Regards,
Graham
--
-
[EMAIL
Hello,
It's my first post to the list which I'm reading regularly, so I hope I'll break as few rules as possible.
I'm looking to extend mod_auth_ldap to check if the user is a member of the POSIX group (standard procedure for PAM-LDAP, for
instance). As opposed to regul
[in Win32] to build util_ldap/mod_auth_ldap
with MS's library. If the user doesn't install ldap, then those two
specific modules won't load. However, it doesn't harm libaprutil
since that module doesn't actually bind to any ldap functions.
The gist of the Win32 question; how m
>If Netware or Win32 can 'conditionally' support ldap, then we need
>to consider having an apr_ldap.hxx file that contains all of the
>#define APR_HAS_LDAP_* 0 statements. The header should
>always exist, and inform the app if ldap is available.
>Of course, I'm expecting that Win32 will support L
At 10:34 AM 12/3/2002, Brad Nicholes wrote:
>As far as the APU->APR changes go on NetWare, the net result is the same for us.
>Since we don't have autoconf on NetWare, this requires us to have our own version of
>apr_ldap.h (ie. apr_ldap.hnw) just like the Windows platform. But unlike Windows a
flavors after 4.0, as a download for 4.0 and with some
great effort for 9x LDAP users. I suspect that our auth_ldap community
isn't huge on the 9x thing in the first place.
So the patches attached let us plug into apr-util and then provide
mod_auth_ldap using the native libraries. I'l
+}
+
+LDAP_FREE( (char *) a );
+}
+
+static char **ldap_str2charray(const char *str_in, const char *brkstr)
+{
+char**res;
+char*str, *s;
+char*lasts;
+int i;
+
+/* protect the input string from strtok */
+str = LDAP_STRDUP( str_in );
+i
void ldap_charray_free(char **a)
+{
+char**p;
+
+if ( a == NULL ) {
+return;
+}
+
+for ( p = a; *p != NULL; p++ ) {
+if ( *p != NULL ) {
+LDAP_FREE( *p );
+}
+}
+
+LDAP_FREE( (char *) a );
+}
+
+static char **ldap_str2charray(const
I suspect that our auth_ldap community
isn't huge on the 9x thing in the first place.
So the patches attached let us plug into apr-util and then provide
mod_auth_ldap using the native libraries. I'll be darned if I'm about
to download three packages (openldap, sasl and regex) jus
have a bit more hassle, but it is available;
http://support.microsoft.com/default.aspx?scid=kb;en-us;288358
Attached also is the patch for httpd util_ldap and mod_auth_ldap. Don't
mind the const'ness warnings just now - since win32 does it's 'own thing'
regarding what aug
note as i said in the original email, the problem was that mod_auth
was enabled, not a problem with auth_ldap.
sterling
On Wednesday, October 23, 2002, at 05:19 PM, Estrade Matthieu wrote:
Hi,
I finally made mod_auth_ldap work.
First, basic authentication:
AuthName auth
AuthType Basic
Hi,
I finally made mod_auth_ldap work.
First, basic authentication:
AuthName auth
AuthType Basic
Then, disable Basic authoritative to let the Authorization continue to
mod_auth_ldap.
AuthBASICAuthoritative Off
Then my LDAP Config
Maybe this documentation about AuthBasicAuthoritative
>-- Original Message --
>Reply-To: [EMAIL PROTECTED]
>Date: Wed, 23 Oct 2002 18:07:30 +0200
>From: Estrade Matthieu <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED]
>Subject: Re: mod_auth_ldap
>
>
>John K. Sterling wrote:
>
>>try disabling mod_auth.
&g
t set!: /
-- Original Message --
Reply-To: [EMAIL PROTECTED]
Date: Wed, 23 Oct 2002 17:33:26 +0200
From: Estrade Matthieu <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: mod_auth_ldap
Hi,
I am using apache 2.0 + proxy + mod_auth_ldap
i have this error in my log:
[Wed Oct 23 17:35:59 2
try disabling mod_auth.
sterling
>-- Original Message --
>Reply-To: [EMAIL PROTECTED]
>Date: Wed, 23 Oct 2002 17:33:26 +0200
>From: Estrade Matthieu <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED]
>Subject: mod_auth_ldap
>
>
>Hi,
>
>I am using apache 2.0 + pro
Hi,
I am using apache 2.0 + proxy + mod_auth_ldap
i have this error in my log:
[Wed Oct 23 17:35:59 2002] [error] [client 192.168.100.1] (9)Bad file
descriptor: Could not open password file: (null)
and return an error 500
this is my vhost auth conf:
AuthName test
AuthType basic
Scott Lamb wrote:
> Okay, now I understand what you are saying. Here's a patch that should
> do that. It seems to solve my problem and is definitely cleaner than my
> last patch.
I have just committed your patch, but I cannot test it as the LDAP
compile seems broken at the moment.
Regards,
Gra
Scott Lamb wrote:
> util_ldap_connection_close() is a misnomer, I think. It just releases a
> lock. ("I'm done with this LDAP connection," rather than "unbind this
> LDAP connection.") Since mod_auth_ldap_auth_checker only deals with one
> of these at a time, a (sub)pool is inappropriate, corr
Justin Erenkrantz wrote:
> On Thu, Jul 18, 2002 at 03:49:11PM -0500, Scott Lamb wrote:
>
>>mod_auth_ldap is never releasing locks in mod_auth_ldap_auth_checker, so
>>OpenLDAP eventually runs out of filehandles. pam_ldap and nss_ldap stop
>>working, badness happens.
>
On Thu, Jul 18, 2002 at 03:49:11PM -0500, Scott Lamb wrote:
> mod_auth_ldap is never releasing locks in mod_auth_ldap_auth_checker, so
> OpenLDAP eventually runs out of filehandles. pam_ldap and nss_ldap stop
> working, badness happens.
Quick thought - should the closing of the conne
mod_auth_ldap is never releasing locks in mod_auth_ldap_auth_checker, so
OpenLDAP eventually runs out of filehandles. pam_ldap and nss_ldap stop
working, badness happens.
--
Scott Lamb
Call util_ldap_connection_close in every exit path from
mod_auth_ldap_auth_checker.
Index: modules/httpd
Günter Knauf wrote:
> can someone please explain how I can create apr_ldap.h on Win32 and
> what additional defines are needed in the project in order to build mod_auth_ldap?
I am not sure how to do this on win32, however you need to include
--with-ldap to switch on LDAP support in AP
Hi,
can someone please explain how I can create apr_ldap.h on Win32 and what additional
defines are needed in the project in order to build mod_auth_ldap?
Thanks, Guenter.
94 matches
Mail list logo
