httpd-docs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Brad Nicholes" <bnicho...@novell.com>
Subject Re: Configuration "regression" from 2.0 to 2.2
Date Thu, 04 May 2006 14:13:15 GMT
>>> On 5/3/2006 at 11:39 AM, in message <4458EAE9.9060204@gryzor.com>,
Vincent
Deffontaines <vincent@gryzor.com> wrote:
> Greetings,
> 
> The title of this email is an abuse. There is no real regression.
> Now :
> 
> #On 2.0 : this works
> AuthType Basic
> AuthName "foo" 
> AuthLDAPURL ldap://localhost/ou=Users,dc=web,dc=net
> AuthLDAPAuthoritative on
> require valid-user 
> 
> #On 2.2, this doesn't. According to slapd, bind fails as if binding
with
> a wrong password.
> AuthType Basic
> AuthBasicProvider ldap
> AuthName "foo"
> AuthzLDAPAuthoritative on
> AuthLDAPURL ldap://localhost/ou=Users,dc=web,dc=net
> require valid-user
> 
> As Nick Kew pointed out on IRC, using "AuthzLDAPAuthoritative" is a
> nonsense in this context, since "require valid-user" means no
further
> authorization should be performed.
> 
> This, however, makes it pretty counter-intuitive (at least, to me),
> especially in a 2.0->2.2 migration context.
> Since raising a warning at config parsing time is not a task easily
> feasable, I'd suggest adding a note about this in the 2.2
documentation.
> 
> 
> Regards,
> 
> Vincent Deffontaines
> 
> 
>
---------------------------------------------------------------------
> To unsubscribe, e-mail: docs-unsubscribe@httpd.apache.org 
> For additional commands, e-mail: docs-help@httpd.apache.or 

It's already there.  Check out
http://httpd.apache.org/docs/2.2/mod/mod_authnz_ldap.html#reqvaliduser


Brad

---------------------------------------------------------------------
To unsubscribe, e-mail: docs-unsubscribe@httpd.apache.org
For additional commands, e-mail: docs-help@httpd.apache.org


Mime
View raw message