Log verbosity for "NO AUTH DATA Client did not send any authentication headers"

[ymartin59]

I have updated from 1.4.1 to 1.5.1 and Apache2 error log fills in with

[auth_gssapi:error]  NO AUTH DATA Client did not send any authentication headers

I really wonder if this message should be thrown with error log level. I find it more adequate at info or even debug level, as any first HTTP request is expected to come without authentication header before server replies with header WWW-Authentication: Negotiate (from my memory, I have not checked exact statement)

What do you think about it ?

[ymartin59]

Code location: https://github.com/modauthgssapi/mod_auth_gssapi/blob/master/src/mod_auth_gssapi.c#L985

[simo5]

Makes sense

[mortenn]

I just noticed a flood of these after updating our servers this weekend. Would be very nice to squelch them :)

[emansom]

Please revert this. It makes misconfigurations less obvious.

[frozencemetery]

@emansom The problem is that many correct requests come in with no auth headers, as noted upthread. Logging them all at error would be too high severity - we end up crying wolf. Note that we still log the message, just not at error.