httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cove...@apache.org
Subject svn commit: r701648 - in /httpd/httpd/branches/2.2.x/docs/manual/mod: mod_authnz_ldap.html.en mod_authnz_ldap.xml
Date Sat, 04 Oct 2008 14:59:10 GMT
Author: covener
Date: Sat Oct  4 07:59:09 2008
New Revision: 701648

URL: http://svn.apache.org/viewvc?rev=701648&view=rev
Log:
AuthbasicProvider of something other then LDAP, with AuthLDAPURL in the per-dir config
behaves a little unintuitively. Document the behavior if/until LDAP can better step
out of the way during authorization.

PR#45946


Modified:
    httpd/httpd/branches/2.2.x/docs/manual/mod/mod_authnz_ldap.html.en
    httpd/httpd/branches/2.2.x/docs/manual/mod/mod_authnz_ldap.xml

Modified: httpd/httpd/branches/2.2.x/docs/manual/mod/mod_authnz_ldap.html.en
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/docs/manual/mod/mod_authnz_ldap.html.en?rev=701648&r1=701647&r2=701648&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/docs/manual/mod/mod_authnz_ldap.html.en (original)
+++ httpd/httpd/branches/2.2.x/docs/manual/mod/mod_authnz_ldap.html.en Sat Oct  4 07:59:09
2008
@@ -953,6 +953,14 @@
 
     <p>See above for examples of <code class="directive"><a href="#authldapurl">AuthLDAPURL</a></code>
URLs.</p>
 
+    <p> When <code class="directive"><a href="#authldapurl">AuthLDAPURL</a></code>
+    is enabled in a particular context, but some other module has performed
+    authentication for the request, the server will try to map the username to a DN
+    during authorization regardless of whether or not LDAP-specific requirements
+    are present. To ignore the failures to map a username to a DN during
+    authorization, set <code class="directive"><a href="#&#10;    authzldapautoritative">
+    AuthzLDAPAutoritative</a></code> to "off".</p>
+
 </div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif"
/></a></div>
 <div class="directive-section"><h2><a name="AuthzLDAPAuthoritative" id="AuthzLDAPAuthoritative">AuthzLDAPAuthoritative</a>
<a name="authzldapauthoritative" id="authzldapauthoritative">Directive</a></h2>

Modified: httpd/httpd/branches/2.2.x/docs/manual/mod/mod_authnz_ldap.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/docs/manual/mod/mod_authnz_ldap.xml?rev=701648&r1=701647&r2=701648&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/docs/manual/mod/mod_authnz_ldap.xml (original)
+++ httpd/httpd/branches/2.2.x/docs/manual/mod/mod_authnz_ldap.xml Sat Oct  4 07:59:09 2008
@@ -974,6 +974,14 @@
 
     <p>See above for examples of <directive
     module="mod_authnz_ldap">AuthLDAPURL</directive> URLs.</p>
+
+    <p> When <directive module="mod_authnz_ldap">AuthLDAPURL</directive>
+    is enabled in a particular context, but some other module has performed
+    authentication for the request, the server will try to map the username to a DN
+    during authorization regardless of whether or not LDAP-specific requirements
+    are present. To ignore the failures to map a username to a DN during
+    authorization, set <directive module="mod_authnz_ldap">
+    AuthzLDAPAutoritative</directive> to "off".</p>
 </usage>
 </directivesynopsis>
 



Mime
View raw message