Hi,
Tom Evans schrieb:
On Thu, 2009-10-01 at 17:18 -0400, Tony Rice (trice) wrote:
This is how we do it:
[...]
AuthzLDAPAuthoritative "On"
Require valid-user
Require ldap-group cn=Department,ou=Groups,o=Company
Does this work?
When I read the docs:
"Require valid-user
If this directive exists, mod_authnz_ldap grants access to any user that
has successfully authenticated during the search/bind phase."
and:
"Other Require values may also be used which may require loading
additional authorization modules. Note that if you use a Require value
from another authorization module, you will need to ensure that
AuthzLDAPAuthoritative is set to off to allow the authorization phase
to fall back to the module providing the alternate Require value."
-> http://httpd.apache.org/docs/2.2/mod/mod_authnz_ldap.html
This seems to me like either "Require valid-user" is not working at all
- because AuthzLDAPAuthoritative is "On" - or it overrules any
ldap-group setting. Hm!?
Marc
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
" from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
