Skip Menu |

This queue is for tickets about the LWP-Authen-Negotiate CPAN distribution.

Report information
The Basics
Id: 49019
Status: open
Priority: 0/
Queue: LWP-Authen-Negotiate
People
Owner: Nobody in particular
Requestors: asjo [...] koldfront.dk
Cc:
AdminCc:
Bug Information
Severity: (no value)
Broken in: 0.06
Fixed in: (no value)

History Show all quoted text
  Wed Aug 26 08:09:07 2009 http://asjo.koldfront.dk/ - Ticket created
Subject: Infinite authentication loop when the server won't allow us in?
When the server I am trying to fetch a page from won't let me in (maybe my keytab/credentials are bad or something), LWP with LWP::Authen::Negotiate seems to keep trying to fetch the page ad infinitum - leading to a busy process that slowly but surely eats all available RAM. When I can auth correctly with the server, it works great. I was wondering whether there is a way to configure LWP/LWP::Authen::Negotiate to give up after a number of tries (it gets a 401 on the very first request, so it has to retry once, but if I could say "Give up after twenty 401's in a row", I think I'd be home free.) Does this sound plausible, or am I barking up the wrong tree? I will be happy to try and produce a minimal example if it sounds like It Already Should Just Work(tm) I am using LWP::Authen::Negotiate 0.06 with LWP 5.808, perl 5.8.8 on Ubuntu 8.04.2 (hardy). Thanks! Adam
  Wed Aug 26 08:10:05 2009 http://asjo.koldfront.dk/ - Correspondence added
On Wed Aug 26 08:09:07 2009, http://asjo.koldfront.dk/ wrote: Show quoted text
> When the server I am trying to fetch a page from won't let me in
from *a server that* won't let me in (Sorry.)
  Wed Aug 26 08:10:06 2009 The RT System itself - Status changed from 'new' to 'open'
  Thu Aug 27 16:05:42 2009 achim [...] grolmsnet.de - Correspondence added
Subject: Re: [rt.cpan.org #49019] Infinite authentication loop when the server won't allow us in?
Date: Thu, 27 Aug 2009 22:05:18 +0200
To: bug-LWP-Authen-Negotiate [...] rt.cpan.org, asjo [...] koldfront.dk
From: Achim Grolms <achim [...] grolmsnet.de>
On Wednesday 26 August 2009, http://asjo.koldfront.dk/ via RT wrote: Show quoted text
> Ticket <URL: https://rt.cpan.org/Ticket/Display.html?id=49019 >
Show quoted text
> When the server I am trying to fetch a page from won't let me in (maybe > my keytab/credentials are bad or something), LWP with > LWP::Authen::Negotiate seems to keep trying to fetch the page ad > infinitum -
Hello Adam, This infinite loop... should simply not happen. Please give me some additional information: 1.Do you have the LWP_AUTHEN_NEGOTIATE_DELEGATE in use? (If yes you dont' need to answer the other 6 questions below) 2. add use LWP::Debug qw(+); to your skript and send me the output of Debug. (The 3 first loops). 3. What kind of webserver do you use? What Kerberos-implemention on serverside? 4 . What Keberos-implementaion on clientside? 5. What Keberos-implementaion as KDC? 6. What's in your /etc/krb5.conf? 7. How do other GSSAPI-webclients, for example Firefox or Konqueror, behave when accessing this loop-triggering webserver? To answer your question: as far as I know the LWP::Authen:: modules work stateless, invoked by LWP with HTTP-connection as parameter - that means that I dont't know where to store the "count" information you suggest. Any ideas how to do this are welcome :-) Best Regards, Achim