httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 49409] require ldap-group allowing any group, not just the required group
Date Wed, 09 Jun 2010 12:33:25 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=49409

JC <jcolestock@gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |REOPENED
         Resolution|INVALID                     |

--- Comment #2 from JC <jcolestock@gmail.com> 2010-06-09 08:33:22 EDT ---
Sorry about that, copied and pasted in the wrong config. I tried it with
ldap-group (repasted the proper config and retested same result, it allows me
to login even though I'm not a member of the "app" group.   I ran slapd with
the loglevel of all, and I didn't even see it make a query to check for the
members of the group.  


<Location /svn>
  DAV svn
  SVNPath /usr/local/svn
  AuthType Basic
  AuthName "Your Subversion Repository"
  AuthBasicProvider ldap
  AuthzLDAPAuthoritative on
  AuthLDAPURL "ldap://10.10.0.20:389/dc=jc,dc=com?uid
  AuthLDAPGroupAttribute memberUid
  AuthLDAPGroupAttributeIsDN off
  Require ldap-group cn=app,ou=Group,dc=jc,dc=com
  AuthzSVNAccessFile /etc/subversion/repos.acl
  Satisfy all
</Location>

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message