Change LDAP authentication failures (user->DN or password check) to log

level INFO from log level WARNING.  This is still liberal for authn
providers.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@902641 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/CHANGES b/CHANGES
index 0126552f5bb7b26faf2c2b1bdd9fb8245e81157e..e0782208cff82e3acb28b39b7dbf305551289db6 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -2,6 +2,10 @@
 
 Changes with Apache 2.3.6
 
+  *) mod_authnz_ldap: Failures to map a username to a DN, or to check a user
+     password now result in an informational level log entry instead of 
+     warning level.  [Eric Covener]
+
 Changes with Apache 2.3.5
 
   *) Ensure each subrequest has a shallow copy of headers_in so that the

diff --git a/modules/aaa/mod_authnz_ldap.c b/modules/aaa/mod_authnz_ldap.c
index 15aec4de73ed5a489249c21c4b82f5bbdb6bd9c3..28e0bb537e745afc599a798640317651943fdcb8 100644 (file)
--- a/modules/aaa/mod_authnz_ldap.c
+++ b/modules/aaa/mod_authnz_ldap.c
@@ -417,7 +417,7 @@ start_over:
            return AUTH_USER_NOT_FOUND;
         }
 
-        ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r,
+        ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
                       "[%" APR_PID_T_FMT "] auth_ldap authenticate: "
                       "user %s authentication failed; URI %s [%s][%s]",
                       getpid(), user, r->uri, ldc->reason, ldap_err2string(result));