Re: [SOLVED] Apache-2.2 with LDAP authentication keeps spinning after authentication completes

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Tried using (newer) web browsers under Mac OS X and no apparent
Read/Transmitting persistence is noted. So perhaps "the issue" is browser
specific (either OS or version). It would be nice to have a reliable way to
track this down with more specifics. Web browser console/error/debug windows
don't help. Packet capture mechanisms don't help, of course. Application log
files don't show anything, of course.


-------- Original Message --------
Subject: Re:  Apache-2.2 with LDAP authentication keeps spinning
after authentication completes
Date: Tue, 03 May 2016 16:46:30 -0500
From: J.D. <randomnoise058@xxxxxxxxx>
To: users@xxxxxxxxxxxxxxxx

Another interesting observation: web browser (Firefox) continues to show
activity spinner and "read <hostname>" status (with AuthLDAP active at web
application initiation) even after the LDAP authentication is completed, the
OpenLDAP server is stopped, and the LDAP network connection is dropped. I can't
see activity status with the Opera browser, but the LDAP network connection
remains ESTABLISHED after terminating that web browser.

This appears to be an Apache(2.2) issue. Nothing in the Apache (HTTPD) log files.



On 05/03/2016 06:56, Luca Toscano wrote:
> 
> 
> 2016-05-03 1:22 GMT+02:00 J.D. <randomnoise058@xxxxxxxxx
> <mailto:randomnoise058@xxxxxxxxx>>:
> 
>     Centos-6.6+seLinux, Apache-2.2, OpenLDAP-2.4.40, OpenSSL-1.0.1e-fips
> 
>     Using the following sample Directory block, the Apache LDAP authentication works
>     just fine, but when the web page is displayed - the activity spinner is spinning
>     and the status bar shows "Read <hostname>". Without the Apache LDAP
>     authentication, neither of the above symptoms appear/occur. It is almost like
>     something doesn't complete/finish, but I cannot determine what causes this.
>     There are no messages in the HTTPD error logs relative to this situation.
> 
> 
>     <Directory "/var/www/html/directory/">
>       SSLRequireSSL
>       AllowOverride None
>       Allow from 127.0.0.1
>       Allow from localhost
>       Allow from 192.168.56.0/24 <http://192.168.56.0/24>
>     # uncomment following line to force all frontend access
>     # to require userid/password authentication via LDAP
>       include conf/WebFrontendApacheAuthentication.conf
>     </Directory>
> 
> 
>     WebFrontendApacheAuthentication.conf
>     ===============================
>     AuthType basic
>     AuthName "realm"
>     AuthBasicProvider ldap
>     AuthLDAPURL ldaps://vbox-realm.vboxnet/dc=realm?uid?sub?(ObjectClass=*)
>     Require ldap-group cn=WebAccess,dc=realm
>     ===============================
> 
> 
> Not an expert about LDAP auth with httpd but I would try to increase the
> LogLevel (https://httpd.apache.org/docs/2.2/mod/core.html#loglevel) to get more
> info from the logs about what mod_auth_ldap is doing.
> 
> Hope that helps!
> 
> Luca 




---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx




[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux