Hi!
I have a weird problem with Apache basic auth using a DB backend (Apache
2.4.7-1ubuntu4.8 on Ubuntu 14.04 authenticating against a Postgresql 8.4
server).
Usually it works fine:
Browser Apache DB
|--POST w/o credentials ---->| |
|<--------401----------------| |
|--POST w credentials ------>| |
| |---SELECT .. -->|
| |<-- pw-hash ----|
|<--------200----------------| |
But every 10th request (sometimes earlier, sometimes later) I see the
following scenario:
Browser Apache DB
|--POST w/o credentials ---->| |
|<--------401----------------| |
|--POST w credentials ------>| |
| |---SELECT .. -->|
| |<-- pw-hash ----|
|<--------401----------------| |
Although the DB returns the same password-hash as always, and the
browser sends the correct credentials (as in the working scenario),
Apache replies with 401.
I enabled dumpio and set logging to trace7 but could not spot anything
suspect. I also used tcpdump and captured the whole DB-related traffic:
no TCP problems, everthing is fine.
For testing I moved all users to a local AuthUserFile and then
everything works fine.
I had the same setup running for years without problems on Ubuntu 10.04
with Apache 2.2.14, were Apache was running on the same host as the DB.
I would really appreciate any hints what I could add to my debugging to
find the cause of this problem.
Thanks
Klaus
the config is simple:
<VirtualHost 83.136.34.15:443 2a02:850:8::15:443>
...
DBDriver pgsql
DBDParams "dbname=...."
DBDMin 1
DBDKeep 2
DBDMax 20
DBDExptime 300
<Location /soap>
AuthType Basic
AuthName "API"
AuthBasicProvider dbd
AuthDBDUserPWQuery "SELECT password FROM accounts WHERE
username = %s"
Require valid-user
php_value include_path
".:/usr/share/php:/usr/share/pear:/var/www/api-test"
</Location>
...
</VirtualHost>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|