Keep Server Online
If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.
or
A donation makes a contribution towards the costs, the time and effort that's going in this site and building.
Thank You! Steffen
Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
| |
|
 Topic: Authorization Containers problem |
|
| Author |
|
timo
Joined: 03 Jun 2012
Posts: 45
Location: FI, EU
|
 Posted: Sun 23 Feb '20 11:22 Post subject: Authorization Containers problem |
 |
|
I had a working solution below
| Code: | <RequireAll>
Require group MY_GROUP
Require not env BlockCountry
Require not group GUESTS
</RequireAll> |
Then I decided to have more control over one user (User_X) in MY_GROUP, so I removed that user from the group file and changed containers as follows:
| Code: | <RequireAll>
<RequireAny>
Require group MY_GROUP
<RequireAll>
Require user User_X
Require forward-dns my_dns
</RequireAll>
</RequireAny>
Require not env BlockCountry
Require not group VIERAAT
</RequireAll> |
With this modified container, Apache keeps logging the following error:
[code]authz_groupfile:error pid 12400:tid 4848 client xxx.xxx.xxx.xxx:63271 AH01666: Authorization of user User_X to access /index.php failed, reason: user doesn't appear in group file (xxxxxxxxxxxgroup.file).
User_X can still access index.php, because inner RequireAll section is true for both user and forward-dns
What is the reason for this line in Apache log? |
|
| Back to top |
|
timo
Joined: 03 Jun 2012
Posts: 45
Location: FI, EU
|
| Posted: Fri 20 Mar '20 12:51 Post subject: |
|
|
Following ASF change to 2.4.42 takes care of this problem:
*) mod_authz_groupfile: Drop AH01666 from loglevel "error" to "info". |
|
| Back to top |
|
|
|
|
|
|
