Dear All, I'm trying to set up auth with postgresql... Laurent FAILLIE wrote:
My only advice is to not use it as it doesn't work :-(
Yesterday I thought it was working, but since then it has fallen apart
and I'm wondering if Laurent might be right after all...
Yesterday I was running 2.2.3 (Debian package). It was working. This
evening I upgraded to 2.2.4 (still Debian). (Why? "If it ain't broken,
don't fix it." I should remember that, but it's too late now.)
Although the rest of the system still works, pgsql auth has failed.
My configuration currently looks like this (slightly edited):
<VirtualHost x.y.z.z:443>
ServerName xxxxx
DBDriver pgsql
DBDParams "dbname=xxxx user=xxxx"
DBDExptime 100
DBDKeep 1
DBDMax 5
DBDMin 1
DBDpersist on
# Note docs say 0|1 for persist, but it actually wants on|off
DocumentRoot /var/www/xxxx
<Directory /var/www/xxxx>
Options FollowSymLinks MultiViews +ExecCGI +Includes
AllowOverride All
AddHandler cgi-script cgi
DirectoryIndex index
Order allow,deny
allow from all
AddOutputFilterByType DEFLATE text/html text/plain
text/css text/javascript
AuthName "xxxx"
AuthType basic
AuthPAM_Enabled off
AuthBasicProvider dbd
AuthDBDUserPWQuery "select
'{SHA}'||encode(digest(decode(password_b64,'base64'),'sha1'),'base64')
from users where username=$1 and enabled"
require valid-user
</Directory>
SSLEngine on
SSLCertificateFile xxxx
ErrorLog /var/log/apache2/xxxxx/error.log
LogLevel warn
CustomLog /var/log/apache2/xxxx/access.log combined
ServerSignature On
</VirtualHost>
Yesterday I had "DBDpersist off", and no exptime, keep, min or max
parameters. I tried that at first with 2.2.4, with the following symptoms:
In the error log:
[Mon Aug 20 23:52:14 2007] [error] [client 86.6.8.194] No DBD Authn configured!
In the postgresql log, I see a connection, authorisation and immediate
disconnection, without any query being executed:
2007-08-20 23:52:30 BST LOG: connection received: host=[local]
2007-08-20 23:52:30 BST LOG: connection authorized: user=xxxx database=xxxx
2007-08-20 23:52:30 BST LOG: disconnection: session time: 0:00:00.040
user=xxxx database=xxxx host=[local]
I then tried the "persist on" settings shown above. This fails in a
different way. Nothing else in this configuration has changed since it
was working yesterday with 2.2.3, and the postgresql configuration has
not changed.
With "persist on", the symptom is that I see this in the error log:
[Mon Aug 20 23:12:29 2007] [error] [client 86.6.8.194] Error looking up
phil in database
In the postgresql log, I see *nothing at all*. This log records
something even if I just telnet to the right port number, which makes
me think that Apache isn't attempting to connect at all. I have tried
to debug with strace, and although it's hard to see what is going on I
can't see any attempts to open a database connection. lsof -i and lsof
-U don't appear to show any connection either.
So: Can anyone see anything obviously wrong with the configuration
shown above? I'm aware that there may be some known issues with this
stuff, but are there any known *regressions* from 2.2.3 to 2.2.4? Was
I just lucky before? How can I debug further? Is there a way to get
verbose debug out of mod_dbd? (I have tried "loglevel debug" but that
doesn't add anything.)
Many thanks for any advice.
Phil.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|