httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 32426] - Setting AuthLDAPRemoteUserIsDN breaks require user
Date Thu, 02 Dec 2004 09:27:35 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=32426>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=32426


dbb@st-andrews.ac.uk changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |FIXED




------- Additional Comments From dbb@st-andrews.ac.uk  2004-12-02 10:27 -------

Fixed in 2.1 / 2.2

Comments from Brad Nicholes on dev list

The short answer is that it is already fixed in Apache 2.1/2.2. 
Unfortunately you have hit on one of the limitations of the Apache 2.0
authentication module structure.  The problem is that authorization
types are replicated through multiple authentication modules. 
Fortunately this has all been taken care of in Apache 2.1/2.2.  For
example, in the Apache 2.1/2.2 version of mod_authnz_ldap, the
authorization types are no longer user, group, etc., they are ldap-user,
ldap-group, etc.  You can also mix and match different types of
authorization with authentication.  The quick fix for Apache 2.0 is to
set "AuthAuthoritative off" so that if the mod_auth authorization fails,
it will defer to mod_auth_ldap which will work.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message