httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From SAQIB <sa...@seagate.com>
Subject Re: [users@httpd] mod_auth_ldap, frontpagehack, and AuthUserFile question:
Date Thu, 31 Jul 2003 22:37:37 GMT
You need to use the Require User Directive
e.g.

Require user 223344 556677 889900 ....

where 223344 556677 and are UIDs from the LDAP

if you use require valid-user, the auth_module will allow all the
authenticated uers.

Saqib Ali
---------
http://www.xml-dev.com

On Thu, 31 Jul 2003, Chris Strasburg wrote:

> Hello everyone,
>
> I need a little help integrating rtr's frontpage module and
> mod_auth_ldap.  The frontpage authentication works just fine using users
> and groups from the automatically setup local auth files, but when I
> follow the instructions on the mod_auth_ldap documentation page to use
> the frontpage hack, no ldap authentication is attempted.
>
> After munging around in the .htaccess files I found that ldap
> authentication will be attempted ONLY if I remove the AuthUserFile
> directive.  However, as expected, ANY ldap user is then allowed access,
> whether or not they have been added as an author to the frontpage web.
>
> I'm using RHL8.0 with Apache 2.0.47 built against openldap-2.0.27-2.8.0.
>   I'm also using nss_ldap for system level authentication and
> information lookups.
>
> Here is what my .htaccess file looks like:
>
> =========================
> # -FrontPage-
>
> IndexIgnore .htaccess */.??* *~ *# */HEADER* */README* */_vti*
>
> <Limit GET POST>
> order deny,allow
> deny from all
> allow from all
> require valid-user
> </Limit>
> <Limit PUT DELETE>
> order deny,allow
> deny from all
> </Limit>
> AuthType Basic
> AuthName webDevelopment
> AuthLDAPURL
> "ldap://our.ldap.server:389/o=ourorg,c=ourc?cn?sub?(objectClass=*)"
> AuthLDAPAuthoritative off
> AuthLDAPFrontPageHack on
> AuthUserFile /web/internal/_vti_pvt/service.pwd
> AuthGroupFile /web/internal/_vti_pvt/service.grp
>
> =========================
>
> Thanks in advance!
>
> --
> Chris Strasburg
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message