[BUG] Apache 2.2 ldap authzn module behaviour wrong

Summary
 The LDAP authentication module does not send 403 when user successfully authenticates to the system but is not authorized to see content.

Steps to reproduce
 Configure LDAP authentication. Setup directory with   require ldap-user username

Expected behaviour
 After providing correct credentials, a 403 should occur if username does not match.

What happens
 User is given 401, and asked to reauthenticate.

Version and other information
 Server version: Apache/2.2.3
 Server built: Jun 17 2007 20:24:06  

 debian_version 4.0

 LDAP server is Microsoft Active Directory  AuthzLDAPAuthoritative is On

Aki Tuomi

-- 
To UNSUBSCRIBE, email to debian-apache-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related lists.debian.org Links debian-announce debian-apache debian-arm-changes debian-beowulf debian-boot debian-cd debian-cd-vendors debian-changes debian-changes-digest debian-isp debian-kde debian-laptop debian-mirrors-announce debian-news debian-security debian-security-announce debian-testing debian-user debian-user-digest Request more information about Pantek