Package: apache2.2-common Version: 2.2.3-3.1 Severity: normal
Subject: apache2.2-common: mod_authn_alias does not play well with mod_authnz_ldap Package: apache2.2-common Version: 2.2.3-3.1 Severity: normal The AuthnProviderAlias directive provided by mod_authn_alias does not play well with LDAP authorization (provided by mod_authnz_ldap.) Specifically, using AuthnProviderAlias with LDAP breaks the require directives ldap-user and ldap-group. By way of example, consider the following: <AuthnProviderAlias ldap ldap-alias> AuthLDAPURL ldap://fdqn/dc=foo,dc=bar?uid?? AuthLDAPGroupAttributeIsDN off AuthLDAPGroupAttribute memberUid </AuthnProviderAlias> <Location /foo> AuthBasicProvider ldap-alias AuthType Basic AuthName "auth via AuthnProvideAlias" require ldap-user baz </Location> <Location /bar> AuthBasicProvider ldap AuthLDAPURL ldap://fdqn/dc=foo,dc=bar?uid?? AuthLDAPGroupAttributeIsDN off AuthLDAPGroupAttribute memberUid AuthType Basic AuthName "direct auth" require ldap-user baz </Location> In both cases LDAP authentication works. However, authorization at /foo does not and gives an error like: access to /foo failed, reason: require directives present and no Authoritative handler. Authorization to /bar does work. As a side note, rrequire valid-user will work in either case. -- System Information: Debian Release: 4.0 APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.16-2-686-smp Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages apache2.2-common depends on: ii apache2-utils 2.2.3-3.1 utility programs for webservers ii libmagic1 4.17-4 File type determination library us ii lsb-base 3.1-15 Linux Standard Base 3.1 init scrip ii mime-support 3.37-1 MIME files 'mime.types' & 'mailcap ii net-tools 1.60-17 The NET-3 networking toolkit apache2.2-common recommends no packages. -- no debconf information -- System Information: Debian Release: 4.0 APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.16-2-686-smp Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages apache2.2-common depends on: ii apache2-utils 2.2.3-3.1 utility programs for webservers ii libmagic1 4.17-4 File type determination library us ii lsb-base 3.1-15 Linux Standard Base 3.1 init scrip ii mime-support 3.37-1 MIME files 'mime.types' & 'mailcap ii net-tools 1.60-17 The NET-3 networking toolkit apache2.2-common recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
