httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ruediger Pluem <rpl...@apache.org>
Subject Re: LDAP and subgroups
Date Tue, 04 Mar 2008 20:07:31 GMT


On 03/04/2008 08:28 PM, John D'Ausilio wrote:
>
> mod_authnz_ldap.c(774): [client 10.5.131.52] [31275] auth_ldap
> authorise: require group (sub-group): authorisation successful
> (attribute member) [Comparison true (cached)][6 - Compare True]
> [client 10.5.131.52] user jdausilio: authorization failure for "/index.html":
> 
> It appears to me that it should be letting me in, but it's not. Before
> filing a bug .. is this all sane?

Can you please try if the following patch fixes your problem:

Index: mod_authnz_ldap.c
===================================================================
--- mod_authnz_ldap.c   (Revision 633609)
+++ mod_authnz_ldap.c   (Arbeitskopie)
@@ -775,7 +775,7 @@
                                     "[%" APR_PID_T_FMT "] auth_ldap authorise: require group
(sub-group): "
                                     "authorisation successful (attribute %s) [%s][%d - %s]",
                                     getpid(), ent[i].name, ldc->reason, result, ldap_err2string(result));
-                     return OK;
+                     return AUTHZ_GRANTED;
                  }
                  else {
                      ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,


Regards

RĂ¼diger

Mime
View raw message