APAR status
Closed as program error.
Error description
Failures during various LDAP library calls from within mod_ldap and mod_ibm_ldap resulted in different responses to the client. Most resulted in varying numbers of retries. Some resulted in delays between retries. Bind failures, however, resulted in the client receiving an immediate HTML 503 or 500 error without delay or retry. All operating systems are impacted by this APAR.
Local fix
Problem summary
**************************************************************** * USERS AFFECTED: IBM HTTP Server 6.0 and 6.1 users of * * mod_ibm_ldap and users of IBM HTTP Server 7.0 mod_ibm_ldap * * and mod_ldap may encounter this issue. * **************************************************************** * PROBLEM DESCRIPTION: LDAP calls from the mod_ibm_ldap and * * mod_ldap modules to an LDAP server may encounter failures * * that result in varying numbers of retries (including none) * * with varying delay (including none) and possibly return an * * HTTP_SERVICE_UNAVAILABLE (503) or HTTP_INTERNAL_SERVER_ERROR * * (500) to the client. * **************************************************************** * RECOMMENDATION: Apply this fix if an LDAP module is enabled * * and the error_log contains messages indicating that the LDAP * * module was "Unable to contact the LDAP Server". This should * * also be applied if clients have received an HTTP_INTERNAL_ * * SERVER_ERROR (500) or HTTP_SERVICE_UNAVAILABLE (503) return * * value to a request requiring LDAP authentication. * **************************************************************** No circumvention or workaround.
Problem conclusion
This problem has been addressed by carefully making sure that all LDAP library calls from mod_ibm_ldap and mod_ldap utilize the same number of retries with the same pattern of delays and return a meaningful and accurate response to the client. This fix is targeted for IHS fixpacks: - 6.0.2.37 - 6.1.0.27 - 7.0.0.5
Temporary fix
Comments
APAR Information
APAR number
PK79583
Reported component name
IBM HTTP SERVER
Reported component ID
5724J0801
Reported release
700
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2009-01-28
Closed date
2009-04-23
Last modified date
2009-04-23
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
IBM HTTP SERVER
Fixed component ID
5724J0801
Applicable component levels
R60A PSN
UP
R60H PSN
UP
R60I PSN
UP
R60P PSN
UP
R60S PSN
UP
R60W PSN
UP
R60Z PSN
UP
R61A PSN
UP
R61H PSN
UP
R61I PSN
UP
R61P PSN
UP
R61S PSN
UP
R61W PSN
UP
R61Z PSN
UP
R700 PSN
UP
[{"Line of Business":{"code":"LOB45","label":"Automation"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSEQTJ","label":"IBM HTTP Server"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"7.0"}]
Document Information
Modified date:
07 September 2022