From: Eric Covener <covener@apache.org>
Date: Mon, 4 Apr 2011 13:55:48 +0000 (+0000)
Subject: * add the constructed filter at TRACE1 to authn, and to existing debug authz
X-Git-Tag: 2.3.12~103
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=964575078c3891bbdbcabe74fbef2987b4421257;p=apache

* add the constructed filter at TRACE1 to authn, and to existing debug authz
messages.

* Drop the level of the LDAPURL parsing to TRACE1 from debug (appears in
console/event viewer once per directive)


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1088627 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/modules/aaa/mod_authnz_ldap.c b/modules/aaa/mod_authnz_ldap.c
index 111490e50c..eb77dad4e1 100644
--- a/modules/aaa/mod_authnz_ldap.c
+++ b/modules/aaa/mod_authnz_ldap.c
@@ -521,6 +521,9 @@ start_over:
     /* build the username filter */
     authn_ldap_build_filter(filtbuf, r, user, NULL, sec);
 
+    ap_log_rerror(APLOG_MARK, APLOG_TRACE1, 0, r,
+                      "auth_ldap authenticate: final authn filter is %s", filtbuf);
+
     /* convert password to utf-8 */
     utfpassword = authn_ldap_xlate_password(r, password);
 
@@ -1012,7 +1015,7 @@ static authz_status ldapdn_check_authorization(request_rec *r,
         /* Search failed, log error and return failure */
         if(result != LDAP_SUCCESS) {
             ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
-                "auth_ldap authorise: User DN not found, %s", ldc->reason);
+                "auth_ldap authorise: User DN not found with filter %s: %s", filtbuf, ldc->reason);
             return AUTHZ_DENIED;
         }
 
@@ -1122,7 +1125,7 @@ static authz_status ldapattribute_check_authorization(request_rec *r,
         /* Search failed, log error and return failure */
         if(result != LDAP_SUCCESS) {
             ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
-                "auth_ldap authorise: User DN not found, %s", ldc->reason);
+                "auth_ldap authorise: User DN not found with filter %s: %s", filtbuf, ldc->reason);
             return AUTHZ_DENIED;
         }
 
@@ -1236,7 +1239,7 @@ static authz_status ldapfilter_check_authorization(request_rec *r,
         /* Search failed, log error and return failure */
         if(result != LDAP_SUCCESS) {
             ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
-                "auth_ldap authorise: User DN not found, %s", ldc->reason);
+                "auth_ldap authorise: User DN not found with filter %s: %s", filtbuf, ldc->reason);
             return AUTHZ_DENIED;
         }
 
@@ -1410,7 +1413,7 @@ static const char *mod_auth_ldap_parse_url(cmd_parms *cmd,
 
     sec->have_ldap_url = 1;
 
-    ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, cmd->server,
+    ap_log_error(APLOG_MARK, APLOG_TRACE1, 0, cmd->server,
                  "auth_ldap url parse: `%s', Host: %s, Port: %d, DN: %s, "
                  "attrib: %s, scope: %s, filter: %s, connection mode: %s",
                  url,