Red Hat Bugzilla – Bug 1287844
mod_authz_dbd: group query fails if the user is in multiple group (httpd bug 46421)
Last modified: 2017-11-08 13:24:18 EST
Description of problem:
We are suffering httpd bug 46421 (https://bz.apache.org/bugzilla/show_bug.cgi?id=46421) with MySQL backend for authz. We assessed that the last version of mod_authz_dbd (rebuilt from sources, fixed in httpd 2.4.13) works. Any chance to have this patch backported to RHEL7 httpd.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Create 2 groups (e.g. group1 and group2) into the httpd authz MySQL backend and add the same user in both groups
2. Add a 'require dbd-group group1' (or group2) for one <Directory> or <Location>
3. In a browser, try to access the URL: you'll get a 403 error (forbidden)
Successful access to the url
Thanks for the report. If this issue is critical or in any way time sensitive,
please raise a ticket through your regular Red Hat support channels to make
certain it receives the proper attention and prioritization to assure a timely
Thanks for the answer. In fact I'm a CentOS user so I don't think I can report it through the regular RH support channel. I hope it will be taken into account anyway...
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.