* add the constructed filter at TRACE1 to authn, and to existing debug authz

messages.

* Drop the level of the LDAPURL parsing to TRACE1 from debug (appears in
console/event viewer once per directive)

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1088627 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/modules/aaa/mod_authnz_ldap.c b/modules/aaa/mod_authnz_ldap.c
index 111490e50c2cd0680be2c03a8a6680bdcfc2d114..eb77dad4e191afdcee7ac50dfe05a9ce03e45290 100644 (file)
--- a/modules/aaa/mod_authnz_ldap.c
+++ b/modules/aaa/mod_authnz_ldap.c
@@ -521,6 +521,9 @@ start_over:
     /* build the username filter */
     authn_ldap_build_filter(filtbuf, r, user, NULL, sec);
 
+    ap_log_rerror(APLOG_MARK, APLOG_TRACE1, 0, r,
+                      "auth_ldap authenticate: final authn filter is %s", filtbuf);
+
     /* convert password to utf-8 */
     utfpassword = authn_ldap_xlate_password(r, password);
 
@@ -1012,7 +1015,7 @@ static authz_status ldapdn_check_authorization(request_rec *r,
         /* Search failed, log error and return failure */
         if(result != LDAP_SUCCESS) {
             ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
-                "auth_ldap authorise: User DN not found, %s", ldc->reason);
+                "auth_ldap authorise: User DN not found with filter %s: %s", filtbuf, ldc->reason);
             return AUTHZ_DENIED;
         }
 
@@ -1122,7 +1125,7 @@ static authz_status ldapattribute_check_authorization(request_rec *r,
         /* Search failed, log error and return failure */
         if(result != LDAP_SUCCESS) {
             ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
-                "auth_ldap authorise: User DN not found, %s", ldc->reason);
+                "auth_ldap authorise: User DN not found with filter %s: %s", filtbuf, ldc->reason);
             return AUTHZ_DENIED;
         }
 
@@ -1236,7 +1239,7 @@ static authz_status ldapfilter_check_authorization(request_rec *r,
         /* Search failed, log error and return failure */
         if(result != LDAP_SUCCESS) {
             ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
-                "auth_ldap authorise: User DN not found, %s", ldc->reason);
+                "auth_ldap authorise: User DN not found with filter %s: %s", filtbuf, ldc->reason);
             return AUTHZ_DENIED;
         }
 
@@ -1410,7 +1413,7 @@ static const char *mod_auth_ldap_parse_url(cmd_parms *cmd,
 
     sec->have_ldap_url = 1;
 
-    ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, cmd->server,
+    ap_log_error(APLOG_MARK, APLOG_TRACE1, 0, cmd->server,
                  "auth_ldap url parse: `%s', Host: %s, Port: %d, DN: %s, "
                  "attrib: %s, scope: %s, filter: %s, connection mode: %s",
                  url,