Keep Server Online
If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.
or
A donation makes a contribution towards the costs, the time and effort that's going in this site and building.
Thank You! Steffen
Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
| |
|
 Topic: 500 internal server Error on Apache24 |
|
| Author |
|
muniyal
Joined: 25 Sep 2014
Posts: 2
Location: India, Delhi
|
 Posted: Fri 26 Sep '14 7:40 Post subject: 500 internal server Error on Apache24 |
 |
|
I have installed Apache webserver version 2.4
We have a webserver plugin which is developed in c++ and is deployed on this webserver.
This plugin does the job of authentication and authorization of users.
So basically, when the standard index.html page of the WS is accessed, our plugin will -
i). Intercept this request.
ii). Ask for user credentials for our server(which is developed in java) to validate the username and password -- Performing authentication.
iii). when one logout the session, the plugin clear the cookie/expire the session for the given user, so that when next time this user try to access the resource, user would be challenged.
So, the issue I am facing here with Apache 2.4(only) is in logout case -
When the user logout "http://<host:port>/logout.pl" from his session, the 'plugin' expire the cookie as expected, but Apache 2.4 gives 500 internal server error on browser instead of showing custom logout.pl page. The plugin logs are all clean and do not show any error messages.
The apache error logs show us a message -
[Thu Sep 11 03:07:05.474435 2014] [core:error] [pid 29925] [client 10.178.77.243:65519] AH00027: No authentication done but request not allowed without authentication for /logout.html. Authentication not configured?
Note-
1. We have included a conf file in httpd.conf of apache which is specific for loading our plugin.
The contents in that include the following -
<LocationMatch "/oamsso-bin/logout.pl">
Require valid_user
</LocationMatch>
OR
<LocationMatch "/oamsso-bin/logout.pl">
Order allow,deny
Allow from all
</LocationMatch>
//*<Plugin works fine, but b=apache24 gives 500 internal server error>
2. I checked online and found for apache2.4 one should use "Require all granted" directive to resolve such issues,
<LocationMatch "/oamsso-bin/(logout.pl|securid.pl)">
Require all granted
</LocationMatch>
//* custom plugin is not called at all, though apache24 not giving any error
Is there any webserver variable that needs to be set which is causing this issue? This works fine with same configuration on apache2.2 |
|
| Back to top |
|
James Blond
Moderator
Joined: 19 Jan 2006
Posts: 7298
Location: Germany, Next to Hamburg
|
| Posted: Wed 15 Oct '14 18:06 Post subject: |
|
|
Use
Require all granted
instead of
Order allow,deny
Allow from all |
|
| Back to top |
|
|
|
|
|
|
