httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bnicho...@apache.org
Subject svn commit: r151743 - in httpd/httpd/trunk: CHANGES docs/manual/mod/mod_authnz_ldap.xml
Date Mon, 07 Feb 2005 19:08:59 GMT
Author: bnicholes
Date: Mon Feb  7 11:08:58 2005
New Revision: 151743

URL: http://svn.apache.org/viewcvs?view=rev&rev=151743
Log:
Document the new optional parameter for AuthLDAPUrl

Modified:
    httpd/httpd/trunk/CHANGES
    httpd/httpd/trunk/docs/manual/mod/mod_authnz_ldap.xml

Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewcvs/httpd/httpd/trunk/CHANGES?view=diff&r1=151742&r2=151743
==============================================================================
--- httpd/httpd/trunk/CHANGES (original)
+++ httpd/httpd/trunk/CHANGES Mon Feb  7 11:08:58 2005
@@ -2,6 +2,11 @@
 
   [Remove entries to the current 2.0 section below, when backported]
 
+  *) mod_authnz_ldap: Added an optional second parameter to AuthLDAPURL
+     to allow it to override the connection type set in mod_ldap. This
+     parameter can be set to NONE, SSL or TLS | STARTTLS.
+     [Brad Nicholes]
+
   *) Fix --with-apr=/usr and/or --with-apr-util=/usr.  PR 29740.
      [Max Bowsher <maxb ukf.net>]
 

Modified: httpd/httpd/trunk/docs/manual/mod/mod_authnz_ldap.xml
URL: http://svn.apache.org/viewcvs/httpd/httpd/trunk/docs/manual/mod/mod_authnz_ldap.xml?view=diff&r1=151742&r2=151743
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_authnz_ldap.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_authnz_ldap.xml Mon Feb  7 11:08:58 2005
@@ -532,15 +532,23 @@
 <section id="usingtls"><title>Using TLS</title>
 
     <p>To use TLS, see the <module>mod_ldap</module> directives <directive
-    module="mod_ldap">LDAPTrustedCA</directive> and <directive
-    module="mod_ldap">LDAPTrustedCAType</directive>.</p>
+    module="mod_ldap">LDAPTrustedClientCert</directive>, <directive
+    module="mod_ldap">LDAPTrustedGlobalCert</directive> and <directive
+    module="mod_ldap">LDAPTrustedMode</directive>.</p>
+
+    <p>An optional second parameter can be added to the 
+    <directive module="mod_authnz_ldap">AuthLDAPURL</directive> to override
+    the default connection type set by <directive module="mod_ldap">LDAPTrustedMode</directive>.
+    This will allow the connection established by an <em>ldap://</em> Url 
+    to be upgraded to a secure connection on the same port.</p>
 </section>
 
 <section id="usingssl"><title>Using SSL</title>
 
     <p>To use SSL, see the <module>mod_ldap</module> directives <directive
-    module="mod_ldap">LDAPTrustedCA</directive> and <directive
-    module="mod_ldap">LDAPTrustedCAType</directive>.</p>
+    module="mod_ldap">LDAPTrustedClientCert</directive>, <directive
+    module="mod_ldap">LDAPTrustedGlobalCert</directive> and <directive
+    module="mod_ldap">LDAPTrustedMode</directive>.</p>
 
     <p>To specify a secure LDAP server, use <em>ldaps://</em> in the
     <directive module="mod_authnz_ldap">AuthLDAPURL</directive>
@@ -816,7 +824,7 @@
 <directivesynopsis>
 <name>AuthLDAPUrl</name>
 <description>URL specifying the LDAP search parameters</description>
-<syntax>AuthLDAPUrl <em>url</em></syntax>
+<syntax>AuthLDAPUrl <em>url [NONE|SSL|TLS|STARTTLS]</em></syntax>
 <contextlist><context>directory</context><context>.htaccess</context>
 </contextlist>
 <override>AuthConfig</override>
@@ -903,6 +911,22 @@
     a client attempts to connect using a username of <code>Babs
     Jenson</code>, the resulting search filter will be
     <code>(&amp;(posixid=*)(cn=Babs Jenson))</code>.</p>
+
+    <p>An optional parameter can be added to allow the LDAP Url to override 
+    the connection type.  This parameter can be one of the following:</p>
+
+<dl>
+    <dt>NONE</dt>
+        <dd>Establish an unsecure connection on the default LDAP port. This
+        is the same as <code>ldap://</code> on port 389.</dd>
+    <dt>SSL</dt>
+        <dd>Establish a secure connection on the default secure LDAP port.
+        This is the same as <code>ldaps://</code></dd>
+    <dt>TLS | STARTTLS</dt>
+        <dd>Establish an upgraded secure connection on the default LDAP port.
+        This connection will be initiated on port 389 by default and then 
+        upgraded to a secure connection on the same port.</dd>
+</dl>
 
     <p>See above for examples of <directive
     module="mod_authnz_ldap">AuthLDAPURL</directive> URLs.</p>



Mime
View raw message