as in r1517366, drop the severity in authz_groupfile when a require
didn't match but no real error was encountered.
This individual 'require group' may not really dictate who gets in. PR55523
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1661749 13f79535-47bb-0310-9956-
ffa450edef68
*) mod_authn_dbd: Fix the error message logged in case of error while querying
the database. This is associated to AH01656 and AH01661. [Christophe Jaillet]
+
+ *) mod_authz_goupfile: Reduce the severity of AH01667 from ERROR to DEBUG,
+ because it may be evaluated inside <RequireAny>. PR55523. [Eric Covener]
Changes with Apache 2.4.12
2.4.x patch: trunks works (modulo CHANGES)
+1: ylavic, rjung, jailletc36
- * mod_authz_groupfile: Don't log routine authz failure at ERROR because
- it's just as likely to be OR'ed with other authz results. PR55523, try 2.
- trunk patch: http://svn.apache.org/r1654184
- 2.4.x patch: trunk works + CHANGES
- +1: covener, minfrin, ylavic
-
* Easy patches - synch with trunk
- Add missing APLOGNO.
- mod_deflate: don't require <limits.h> by using APR_INT32_MAX instead of INT_MAX.
}
}
- ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01667)
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(01667)
"Authorization of user %s to access %s failed, reason: "
"user is not part of the 'require'ed group(s).",
r->user, r->uri);
projects / thirdparty / apache / httpd.git / commitdiff
