[Bug 2913] mod_auth_pam fallthrough always fails (because mod_auth_pam never returns PAM_USER_UNKNOWN)

Jeoff jeoffwilks at gmail.com
Wed Nov 9 19:44:43 UTC 2005


Public bug report changed:
https://launchpad.net/malone/bugs/2913

Comment:
I encountered this same problem, so for those just searching for the workaround, I found the solution buried in the README file for the package libapache-mod-auth-pam 1.1.1-7.1 package.
http://hanzubon.jp/ubuntu/pool/universe/liba/libapache-mod-auth-pam/libapache-mod-auth-pam_1.1.1-7.1.diff.gz

The short answer is, mod_auth is handling your "require" statements *before* mod_auth_pam, so you have to tell it to give other modules a chance by setting "AuthAuthoritative Off".
http://httpd.apache.org/docs/2.0/mod/mod_auth.html#authauthoritative

The mod_auth_pam documentation says to use "AuthPAM_FallThrough on" to
allow other modules a chance to provide authentication info. That only
works if mod_auth_pam is handling requests *before* mod_auth.




More information about the universe-bugs mailing list