https://bugzilla.novell.com/show_bug.cgi?id=833220 https://bugzilla.novell.com/show_bug.cgi?id=833220#c0 Summary: LDAP Authentication Failure Causes Error 500 Classification: openSUSE Product: openSUSE 12.2 Version: Final Platform: x86-64 OS/Version: openSUSE 12.2 Status: NEW Severity: Normal Priority: P5 - None Component: Apache AssignedTo: bnc-team-apache@forge.provo.novell.com ReportedBy: nick.couchman@seakr.com QAContact: qa-bugs@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.95 Safari/537.36 When trying to configure Apache2 with the mod_authnz_ldap module, authentication works fine, unless you entire a bad password. If you enter a wrong username and wrong password, the browser gives you the login box, again. If you enter a good username and good password, you get logged in. If you enter a good username and bad password, you get Error 500 (Internal Server Error) rather than an authentication failure and another chance to log in. Reproducible: Always Steps to Reproduce: 1. Install Apache2, LDAP dependencies, etc. 2. Configure a <Location> tag for LDAP authentication. 3. Try different combinations of known good and bad username/password combinations. Actual Results: 1. Good username/good password = login. 2. Bad username/bad password = authentication failure, login prompt. 3. Good username/bad password = Internal Server Error (500) Expected Results: 1. Good username & good password = login. 2. Bad username & password = failure, login prompt. 3. Good username & bad password = failure, login prompt. Here is the relevant configuration section: LDAPTrustedGlobalCert CA_BASE64 /etc/ssl/certs/myca.pem LDAPTrustedMode TLS LDAPVerifyServerCert off <Location /> AuthType Basic AuthName "Special Place" AuthBasicProvider ldap AuthzLDAPAuthoritative off AuthLDAPURL ldap://ldap.example.com/dc=example,dc=com?uid?sub TLS Require valid-user </Location> -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.