Apache LDAP authentication error for Chrome and not for Firefox

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Apache LDAP authentication error for Chrome and not for Firefox

Roberto Carna
Hi people, I've implemented LDAP authentication in my Apache2 2.4.38 server.

The authentication works OK. 

When I use Firefox web browser I authenticate OK and I have not error logs at all, but when I use Chrome web browser the authentication is OK but the Apache error.log has several entries and also the users are blocked for the AD because there are many authentication failures.

I show you the defaul-ssl.conf and error.log files in order to get your help please:

/etc/apache2/sites-enables/default-ssl.conf:

<IfModule mod_ssl.c>
        <VirtualHost _default_:443>
                ServerAdmin webmaster@localhost
                DocumentRoot /var/www/nfsen
                DirectoryIndex nfsen.php        
                ErrorLog ${APACHE_LOG_DIR}/error.log
                CustomLog ${APACHE_LOG_DIR}/access.log combined
                SSLEngine on
                SSLCertificateFile      /etc/ssl/certs/netflow.pem
                SSLCertificateKeyFile /etc/ssl/private/netflow.key
                <FilesMatch "\.(cgi|shtml|phtml|php)$">
                                SSLOptions +StdEnvVars
                </FilesMatch>
                <Directory /usr/lib/cgi-bin>
                                SSLOptions +StdEnvVars
                </Directory>
                
<Directory "/var/www/nfsen">
                DirectoryIndex nfsen.php
                AuthType Basic
                AuthBasicProvider ldap
                AuthName "NFSEN - Autenticacion LDAP"
                AuthType Basic
                AuthBasicProvider ldap
                AuthName "Netflow Monitor - AD auth"
                AuthLDAPBindDN "CN=john,OU=infra,OU=company,DC=com"
                AuthLDAPBindPassword "jhdjdah7/7hahIIU"
                 AuthLDAPURL "ldap://172.22.44.12:389/OU=infra,DC=company,DC=com?sAMAccountName?sub
                AuthLDAPMaxSubGroupDepth 20
                Require ldap-user "rcarna"
                Require ldap-user "mmiller"  
</Directory>

        </VirtualHost>
</IfModule>

/var/log/apache2/error.log:

[Mon Dec 02 09:51:58.100028 2019] [auth_basic:error] [pid 28794] [client 10.1.8.10:37467] AH01617: user rcarna: authentication failure for "/pic.php": Password Mismatch, referer: https://netflow.company.com/
[Mon Dec 02 09:51:58.134425 2019] [auth_basic:error] [pid 28795] [client 10.1.8.10:37466] AH01617: user rcarna: authentication failure for "/icons/shade.png": Password Mismatch, referer: https://netflow.company.com/css/nfsen.css
[Mon Dec 02 09:51:58.147875 2019] [auth_basic:error] [pid 28794] [client 10.1.8.10:37467] AH01617: user rcarna: authentication failure for "/icons/shadeactive.png": Password Mismatch, referer: https://netflow.company.com/css/nfsen.css
[Mon Dec 02 10:01:42.818247 2019] [auth_basic:error] [pid 28795] [client 10.1.8.1:52298] AH01617: user rcarna: authentication failure for "/nfsen.php": Password Mismatch

Special thanks !!!