httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eric Covener <>
Subject Re: [PATCH 48780] Input and improvements requested for suggested enhancement 48780
Date Mon, 22 Feb 2010 17:22:55 GMT
On Mon, Feb 22, 2010 at 12:15 PM, Thomas, Peter <> wrote:
> The beauty is that it doesn't change the authorization behavior, except to the extent
that the bind-as-user is bypassed if the option is set.  I only found one location that attempted
to validate the user's password, so I surmized that was the 2nd [compare] operation, and I
used the "get user DN" variant which--according to the mod_ldap documentation, verified by
my visual inspection--is a copy of "check user cert" without the user bind.

But wouldn't that mean LDAP authorization + any other authentication
provider would be working today?

Eric Covener

View raw message