From nobody@hyperreal.com Tue Dec 3 14:22:22 1996 Received: by taz.hyperreal.com (8.8.3/V2.0) id OAA07179; Tue, 3 Dec 1996 14:22:22 -0800 (PST) Message-Id: <199612032222.OAA07179@taz.hyperreal.com> Date: Tue, 3 Dec 1996 14:22:22 -0800 (PST) From: Joseph Miller Reply-To: jmiller@gcipoa.gannett.com To: apbugs@hyperreal.com Subject: mod_auth_dbm refuses authentication X-Send-Pr-Version: 3.2 >Number: 25 >Category: mod_auth-any >Synopsis: mod_auth_dbm refuses authentication >Confidential: no >Severity: non-critical >Priority: medium >Responsible: apache >State: closed >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Tue Dec 3 14:30:22 1996 >Last-Modified: Sun Apr 6 14:34:55 PDT 1997 >Originator: jmiller@gcipoa.gannett.com >Organization: >Release: 1.2 and 1.1 >Environment: I am running Apache 1.1.1 and Apache 1.2 on AIX 4.1.4. I am using the commercial C compiler from IBM (xlc). >Description: After compiling in the mod_auth_dbm module and setting up dbm files for user ids, passwords, and groups,I was unable to get dbm authentication working. When I accessed a password protected page, I got a username/password prompt. After filling in the username and password with valid values, mod_auth_dbm refused authentication. I debugged the code and found a couple of problems. The contents of some variables were not what was expected. I have included the changes I made to get the module to work below. >How-To-Repeat: >Fix: I modified the code as follows to force it to work: In the function dbm_check_auth, I made the folloing changes: I replaced this line: if(!strcmp(w,"group") && sec->auth_dbmgrpfile) { with this one: if(sec->auth_dbmgrpfile) { I deleted the following two lines, and the associated end bracket ("}"): while(t[0]) { w = getword(r->pool, &t, ' '); %0 >Audit-Trail: State-Changed-From-To: open-analyzed State-Changed-By: marc State-Changed-When: Sat Feb 15 20:42:14 PST 1997 State-Changed-Why: Are you trying to use both group and user authorization for the same directory? Did you try setting AuthDBMAuthoritative to off? If you don't, and you are trying to use both groups and users in the same directory, when the first is refused it will refuse the whole request, as documented. The suggested changes do not do the right thing in most cases. State-Changed-From-To: analyzed-closed State-Changed-By: marc State-Changed-When: Sun Apr 6 14:34:55 PDT 1997 State-Changed-Why: No response from user, assuming problem closed. People are using it without problems. >Unformatted: