Temporarily authentication errors with auth_dbd and postgres

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi!

I have a weird problem with Apache basic auth using a DB backend (Apache
2.4.7-1ubuntu4.8 on Ubuntu 14.04 authenticating against a Postgresql 8.4
server).

Usually it works fine:

Browser                    Apache             DB
|--POST w/o credentials ---->|                |
|<--------401----------------|                |
|--POST w credentials ------>|                |
|                            |---SELECT .. -->|
|                            |<-- pw-hash ----|
|<--------200----------------|                |

But every 10th request (sometimes earlier, sometimes later) I see the
following scenario:

Browser                    Apache             DB
|--POST w/o credentials ---->|                |
|<--------401----------------|                |
|--POST w credentials ------>|                |
|                            |---SELECT .. -->|
|                            |<-- pw-hash ----|
|<--------401----------------|                |

Although the DB returns the same password-hash as always, and the
browser sends the correct credentials (as in the working scenario),
Apache replies with 401.

I enabled dumpio and set logging to trace7 but could not spot anything
suspect. I also used tcpdump and captured the whole DB-related traffic:
no TCP problems, everthing is fine.

For testing I moved all users to a local AuthUserFile and then
everything works fine.

I had the same setup running for years without problems on Ubuntu 10.04
with Apache 2.2.14, were Apache was running on the same host as the DB.

I would really appreciate any hints what I could add to my debugging to
find the cause of this problem.

Thanks
Klaus

the config is simple:

<VirtualHost 83.136.34.15:443 2a02:850:8::15:443>
        ...
        DBDriver pgsql
        DBDParams "dbname=...."
        DBDMin  1
        DBDKeep 2
        DBDMax  20
        DBDExptime 300

        <Location /soap>
                AuthType Basic
                AuthName "API"
                AuthBasicProvider dbd
                AuthDBDUserPWQuery "SELECT password FROM accounts WHERE
username = %s"
                Require valid-user
                php_value include_path
".:/usr/share/php:/usr/share/pear:/var/www/api-test"
        </Location>
        ...
</VirtualHost>


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx




[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux