httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jeff Trawick" <traw...@gmail.com>
Subject Re: svn commit: r386776 - in /httpd/httpd/trunk/docs/manual/mod: mod_ldap.html.en mod_ldap.xml
Date Sat, 18 Mar 2006 12:05:03 GMT
On 3/18/06, Graham Leggett <minfrin@sharp.fm> wrote:
> trawick@apache.org wrote:
>
> > URL: http://svn.apache.org/viewcvs?rev=386776&view=rev
> > Log:
> > LDAPConnectionTimeout and LDAPVerifyServerCert can be configured
> > per-vhost
>
> We need to note in addition to this that not all LDAP SDK libraries
> support the concept of separately configurable "verify server cert"
> behaviour.
>
> In other words, even though you specify LDAPVerifyServerCert in LDAP
> connections from vhost A, you end up overriding this when you specify it
> in vhost B.
>
> This affects people using the Novell SDK.

Beyond doc, do you agree we can change the code so that  the virtual
host configuration is disallowed when APR_HAS_NOVELL_LDAPSDK?

> I think putting a note in the directive pointing people to
> http://httpd.apache.org/docs/2.2/mod/mod_ldap.html#settingcerts will
> save some questions on mailing lists.

Sure.  If we tweak the code to disallow vhost coding for libraries
where we know it doesn't work, that will affect the wording.

Mime
View raw message