httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ted Zlatanov <...@lifelogs.com>
Subject Re: can mod_auth_ldap expose user's DN in environment (for custom logs)?
Date Fri, 18 Mar 2011 13:47:41 GMT
On Wed, 02 Mar 2011 12:11:36 +0100 Guenter Knauf <fuankg@apache.org> wrote: 

GK> Hi Ted,
GK> Am 01.03.2011 21:06, schrieb Ted Zlatanov:
>> Sorry if this has been discussed before.  I couldn't find past mentions
>> after searching the archives.  If there's a better way than what I'm
>> suggesting, please let me know.
>> 
>> In addition to the user name I need the LDAP DN of the user in the
>> custom log.  That's available in mod_auth_ldap but not exposed.  I
>> propose to modify modules/ldap/util_ldap.c:uldap_cache_comparedn() to
>> (optionally?) store the DN in a "LDAP_DN" environment variable which can
>> then be shown in the custom log and used in other ways.
GK> isnt AuthLDAPRemoteUserIsDN what you want?
GK> http://httpd.apache.org/docs/2.2/mod/mod_authnz_ldap.html#authldapremoteuserisdn

On Wed, 2 Mar 2011 06:45:53 -0500 Eric Covener <covener@gmail.com> wrote: 

EC> can you just add 'dn' to the end of AUTHLDAPURL and log AUTHENTICATE_DN?

EC> http://httpd.apache.org/docs/2.2/mod/mod_authnz_ldap.html#exposed

Both approaches were helpful.  Thank you for your help!  I posted once
already and got rejected through Gmane, so I cc-ed the two followup
posters directly in case this post doesn't make it either.

Ted


Mime
View raw message