• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 408
  • Last Modified:

Apache with ldap authentication

Hi,
I'm using a LDAP to authenticate user on an apache web site.
The configuration is working fine for about 80% of my user but for some, they can't be granted to access.
In apache error log I'm seeing :

[Thu Feb 13 16:53:16 2014] [warn] [client x.y.z.v] [17697] auth_ldap authenticate: user john.doe authentication failed; URI /test/ [ldap_simple_bind_s() to check user credentials failed][Other (e.g., implementation specific) error]

here is my apache location conf :
        AuthType Basic
        AuthName "Login"
        AuthBasicProvider ldap
        AuthzLDAPAuthoritative Off
        AuthLDAPURL "ldaps://w.x.y.z:636/ou=people,o=myO?cn"
        AuthLDAPBindDN "cn=mybinding"
        AuthLDAPBindPassword "myPassword"
        require valid-user

Open in new window


I can't find a way to decode the error.
0
Sybux
Asked:
Sybux
  • 6
  • 5
1 Solution
 
giltjrCommented:
What LDAP server are you using?

Does it show any errors?
0
 
SybuxAuthor Commented:
Finally I've found the problem but I don't know how to correct it.

The problem was located in the password. Users with access problem got some special caracters in password like éàèç.
0
 
giltjrCommented:
Which version of Apache?
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
SybuxAuthor Commented:
Sorry for late delay, I was on vacation !

The version of apache is 2.2.14
0
 
giltjrCommented:
You may want to try and newer level.  I am assuming you are having this problem:

https://issues.apache.org/jira/browse/KARAF-2476
0
 
SybuxAuthor Commented:
One new step in debug.

The problem seems to be Ubuntu :)

I've set the username and password that is not working as the bind user in my ldap_auth.

In vi, I can see the password like this 1234Tëst in stead of 1234Tëst which is seen if I open the file in my windows notepad.

Do you have any ideas ?
0
 
giltjrCommented:
How did you get the file from your Windows box to the Ubuntu box?

I would try using either sftp or standard FTP, but choose binary mode.

It looks like each box had different character encoding/language selected.
0
 
SybuxAuthor Commented:
No it's not a problem of file transfert. If I type the password 1234Tëst in the Apache prompt, it fails

but I type password 1234Tëst it works. So definitively it's a codepage problem but I can't figure where to correct it
0
 
giltjrCommented:
What language is Windows setup to use?

What language is Ubuntu setup to use?
0
 
SybuxAuthor Commented:
Finally, one of my engineer found the problem. It's a bug in apache 2.2.16 on module mod_authz_ldap.

It's corrected in patch 2.2.17.
0
 
SybuxAuthor Commented:
Found ourselves
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 6
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now