httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cove...@apache.org
Subject svn commit: r881812 - in /httpd/httpd/trunk/docs/manual/mod: mod_authnz_ldap.html.en mod_authnz_ldap.xml
Date Wed, 18 Nov 2009 15:55:29 GMT
Author: covener
Date: Wed Nov 18 15:55:29 2009
New Revision: 881812

URL: http://svn.apache.org/viewvc?rev=881812&view=rev
Log:
doc for AuthLDAPBindAuthoritative

Modified:
    httpd/httpd/trunk/docs/manual/mod/mod_authnz_ldap.html.en
    httpd/httpd/trunk/docs/manual/mod/mod_authnz_ldap.xml

Modified: httpd/httpd/trunk/docs/manual/mod/mod_authnz_ldap.html.en
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_authnz_ldap.html.en?rev=881812&r1=881811&r2=881812&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_authnz_ldap.html.en (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_authnz_ldap.html.en Wed Nov 18 15:55:29 2009
@@ -59,6 +59,7 @@
 </div>
 <div id="quickview"><h3 class="directives">Directives</h3>
 <ul id="toc">
+<li><img alt="" src="../images/down.gif" /> <a href="#authldapbindauthoritative">AuthLDAPBindAuthoritative</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#authldapbinddn">AuthLDAPBindDN</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#authldapbindpassword">AuthLDAPBindPassword</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#authldapcharsetconfig">AuthLDAPCharsetConfig</a></li>
@@ -754,6 +755,35 @@
 
 </div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif"
/></a></div>
+<div class="directive-section"><h2><a name="AuthLDAPBindAuthoritative" id="AuthLDAPBindAuthoritative">AuthLDAPBindAuthoritative</a>
<a name="authldapbindauthoritative" id="authldapbindauthoritative">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Determines
if other authentication providers are used when a user can be mapped to a DN but the server
cannot successfully bind with the users credentials.</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthLDAPBindAuthoritative<em>off|on</em></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthLDAPBindAuhtoritative
on</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory,
.htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
+</table>
+    <p>By default, subsequent authentication providers are only queried if a 
+    user cannot be mapped to a DN, but not if the user can be mapped to a DN and their
+    password cannot be verified with an LDAP bind.  
+    If <code class="directive"><a href="#authldapbindauthoritative">AuthLDAPBindAuthoritative</a></code>

+    is set to <em>off</em>, other configured authentication modules will have

+    a chance to validate the user if the LDAP bind (with the current users credentials) 
+    fails for any reason.</p>
+    <p> This allows users present in both LDAP and 
+    <code class="directive"><a href="../mod/mod_authn_file.html#authuserfile">AuthUserFile</a></code>
to authenticate
+    when the LDAP server is available but the users account is locked or password
+    is otherwise unusable.</p>
+
+<h3>See also</h3>
+<ul>
+<li><code class="directive"><a href="../mod/mod_authn_file.html#authuserfile">AuthUserFile</a></code></li>
+<li><code class="directive"><a href="../mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code></li>
+</ul>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif"
/></a></div>
 <div class="directive-section"><h2><a name="AuthLDAPBindDN" id="AuthLDAPBindDN">AuthLDAPBindDN</a>
<a name="authldapbinddn" id="authldapbinddn">Directive</a></h2>
 <table class="directive">
 <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Optional
DN to use in binding to the LDAP server</td></tr>

Modified: httpd/httpd/trunk/docs/manual/mod/mod_authnz_ldap.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_authnz_ldap.xml?rev=881812&r1=881811&r2=881812&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_authnz_ldap.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_authnz_ldap.xml Wed Nov 18 15:55:29 2009
@@ -752,6 +752,31 @@
 </section>
 
 <directivesynopsis>
+<name>AuthLDAPBindAuthoritative</name>
+<description>Determines if other authentication providers are used when a user can
be mapped to a DN but the server cannot successfully bind with the users credentials.</description>
+<syntax>AuthLDAPBindAuthoritative<em>off|on</em></syntax>
+<default>AuthLDAPBindAuhtoritative on</default>
+<contextlist><context>directory</context><context>.htaccess</context>
+</contextlist>
+<override>AuthConfig</override>
+<usage>
+    <p>By default, subsequent authentication providers are only queried if a 
+    user cannot be mapped to a DN, but not if the user can be mapped to a DN and their
+    password cannot be verified with an LDAP bind.  
+    If <directive module="mod_authnz_ldap">AuthLDAPBindAuthoritative</directive>

+    is set to <em>off</em>, other configured authentication modules will have

+    a chance to validate the user if the LDAP bind (with the current users credentials) 
+    fails for any reason.</p>
+    <p> This allows users present in both LDAP and 
+    <directive module="mod_authn_file">AuthUserFile</directive> to authenticate
+    when the LDAP server is available but the users account is locked or password
+    is otherwise unusable.</p>
+</usage>
+<seealso><directive module="mod_authn_file">AuthUserFile</directive></seealso>
+<seealso><directive module="mod_auth_basic">AuthBasicProvider</directive></seealso>
+</directivesynopsis>
+
+<directivesynopsis>
 <name>AuthLDAPBindDN</name>
 <description>Optional DN to use in binding to the LDAP server</description>
 <syntax>AuthLDAPBindDN <em>distinguished-name</em></syntax>



Mime
View raw message