httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 40926] - require ldap-group doesn't seem to work as exposed in the doc.
Date Thu, 09 Nov 2006 09:01:11 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=40926>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=40926





------- Additional Comments From christophe.gravier@univ-st-etienne.fr  2006-11-09 01:01 -------
I think mod_authz_ldap have access to uniqueMember as I give anonymous right for
search and compare for group membership(testing purpose).

Nevertheless, I tried to add those 2 directive to avoid an anonymous bind. The
resulting configuration is the following:
<Directory /home/siteweb>
        AuthName "Site web en construction"
        AuthBasicProvider ldap
        AuthType basic
        AuthLDAPURL
ldap://ist-guizay.univ-st-etienne.fr:389/ou=person,o=istase,c=fr?uid
        AuthLDAPBindDN uid=.... (my manager DN)
        AuthLDAPBindPassword my_plain_text_text_manager_password
        require ldap-group cn=groupeProf,ou=groups,o=istase,c=fr
</Directory>

But I have still the same problem. No error in error.log, seems like I'm
authenticated but not authorized.

I also tried to add the directive AuthLDAPGroupAttribute and
AuthLDAPGroupAttributeIsDN to their default values (as it matches my
configuration), that means:
        AuthLDAPGroupAttribute uniqueMember
        AuthLDAPGroupAttributeIsDN on

But still the same problem.


-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message