[horde] Sending 401 [pid xxx on line 158 of .../Horde/Rpc/ActiveSync.php

Simon B simon.buongiorno at gmail.com
Wed Jan 20 17:11:08 UTC 2016


On 20 Jan 2016 17:59, "Michael J Rubinsky" <mrubinsk at horde.org> wrote:
>
>
> Quoting Simon B <simon.buongiorno at gmail.com>:
>
>> On 20 Jan 2016 13:48, "Michael J Rubinsky" <mrubinsk at horde.org> wrote:
>>>
>>>
>>>
>>> Quoting Simon B <simon.buongiorno at gmail.com>:
>>>
>>>> Hi
>>>>
>>>> Yesterday I upgraded Prod to:
>>>> Address Book Address Book (turba) 4.2.11
>>>> Calendar Calendar (kronolith) 4.2.11
>>>> content 2.0.5
>>>> Filters Filters (ingo) 3.2.7
>>>> Horde Horde (horde) 5.2.8
>>>> Mail Mail (imp) 6.2.11
>>>> Notes Notes (mnemo) 4.2.8
>>>> Password Password (passwd) 5.0.4
>>>> Tasks Tasks (nag) 4.2.6
>>>> timeobjects 2.1.0
>>>>
>>>> This morning, I have this in my logs..
>>>>
>>>> 2016-01-19T06:13:50+00:00 ERR: HORDE-PROD Sending 401 [pid 14588 on
line
>>>> 158 of "/usr/share/php/Horde/Rpc/ActiveSync.php"]
>>>> 2016-01-19T06:28:52+00:00 ERR: HORDE-PROD Sending 401 [pid 14592 on
line
>>>> 158 of "/usr/share/php/Horde/Rpc/ActiveSync.php"]
>>>> 2016-01-19T06:43:54+00:00 ERR: HORDE-PROD Sending 401 [pid 14721 on
line
>>>> 158 of "/usr/share/php/Horde/Rpc/ActiveSync.php"]
>>>> 2016-01-19T06:58:55+00:00 ERR: HORDE-PROD Sending 401 [pid 21453 on
line
>>>> 158 of "/usr/share/php/Horde/Rpc/ActiveSync.php"]
>>>> 2016-01-19T07:13:58+00:00 ERR: HORDE-PROD Sending 401 [pid 14683 on
line
>>>> 158 of "/usr/share/php/Horde/Rpc/ActiveSync.php"]
>>>> 2016-01-19T07:28:59+00:00 ERR: HORDE-PROD Sending 401 [pid 21524 on
line
>>>> 158 of "/usr/share/php/Horde/Rpc/ActiveSync.php"]
>>>> 2016-01-19T07:44:01+00:00 ERR: HORDE-PROD Sending 401 [pid 14592 on
line
>>>> 158 of "/usr/share/php/Horde/Rpc/ActiveSync.php"]
>>>> 2016-01-19T07:59:02+00:00 ERR: HORDE-PROD Sending 401 [pid 14592 on
line
>>>> 158 of "/usr/share/php/Horde/Rpc/ActiveSync.php"]
>>>> 2016-01-19T07:59:49+00:00 ERR: HORDE-PROD Sending 401 [pid 21529 on
line
>>>> 158 of "/usr/share/php/Horde/Rpc/ActiveSync.php"]
>>>> 2016-01-19T08:14:02+00:00 ERR: HORDE-PROD Sending 401 [pid 21454 on
line
>>>> 158 of "/usr/share/php/Horde/Rpc/ActiveSync.php"]
>>>> 2016-01-19T08:29:05+00:00 ERR: HORDE-PROD Sending 401 [pid 25042 on
line
>>>> 158 of "/usr/share/php/Horde/Rpc/ActiveSync.php"]
>>>> 2016-01-19T08:29:07+00:00 ERR: HORDE-PROD Sending 401 [pid 25047 on
line
>>>> 158 of "/usr/share/php/Horde/Rpc/ActiveSync.php"]
>>>> 2016-01-19T08:33:42+00:00 ERR: HORDE-PROD Sending 401 [pid 25047 on
line
>>>> 158 of "/usr/share/php/Horde/Rpc/ActiveSync.php"]
>>>> 2016-01-19T08:33:45+00:00 ERR: HORDE-PROD Sending 401 [pid 25047 on
line
>>>> 158 of "/usr/share/php/Horde/Rpc/ActiveSync.php"]
>>>>
>>>> Going back to the minute I restarted Apache yesterday after doing the
>>>> upgrade..
>>>>
>>>> I don't see anything here that would cause an issue:
>>>> 157             } catch (Horde_Exception_AuthenticationFailure $e) {
>>>> 158                 $this->_sendAuthenticationFailedHeaders($e);
>>>> 159                 exit;
>>>>
>>>> Thanks.
>>>>
>>>> Simon
>>>
>>>
>>>
>>> Looks like some client is constantly sending incorrect authentication
>>
>> data.
>>
>> Hi Mike
>>
>> I find that hard to believe given the timing.
>
>
> Well, the only way for that code to be reached is if authentication
failed. Failure can happen in a number of ways - some of which will give
you more detailed logging in the actual sync log (such as denying access
per policy settings - though those give a 403 response IIRC), and not the
general horde log. You can also look in the webserver log to see which
client is issuing the requests.
>
>
>>  And the fact that a Google
>> search didn't turn anything up.
>
>
> Why would google search turn up someone using an incorrect password?
>
>
>> My user can't be the first user to have
>> ever had a mis-configured client.  Additionally, I know no one changed
>> their password yesterday.
>>
>> However, couldn't it say that instead?  From the log entries supplied
it's
>> impossible to tell which user/client has the issue.
>
>
> Say what? HTTP 401 *is* an authentication denied code. We don't have any
other details at that point in the failure to indicate which user it is
because, well, the user isn't authenticated. The server log will show you
the actual request - which would include the client's identification. In
addition, a well-behaving client will tell the user it received a 401
response - and prompt the user for his/her credentials.

Okay.  Thanks for the additional hints.

I also wasn't aware that's what the "sending 401" referred to.  Makes much
more sense now! :)

Cheers

Simon


More information about the horde mailing list