httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Eric Covener" <>
Subject authnz_ldap in 2.2.x
Date Wed, 29 Aug 2007 14:28:17 GMT
mod_authnz_ldap in 2.2.x doesn't track whether or not it has seen any
applicable 'Require ldap-*' entries in the requires list, and also
doesn't explicitly accept valid-user (despite a commnt)

Other authz modules check that their flavor of Require was present
where they check if they're configured to be authoritative.  At the
simplest level, this allows the authz modules to DECLINE and let
authz_user authorize based on "Require valid-user"

To do authn-only where LDAP is used as the basic provider, (or
otherwise configured in that context) you have to make LDAP
non-authoritative or come up with some LDAP filter or attribute that
is always true.

Is this something were stuck with in a stable release?   The trunk
authz provider API makes this relevant only to 2.2.x.

Eric Covener

View raw message