httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrew A. Raines" <aarai...@pobox.com>
Subject [users@httpd] Re: mod_auth_ldap connection reuse without re-BINDing
Date Mon, 12 Apr 2004 13:57:25 GMT
Milan Andric <mandric@eecs.berkeley.edu> writes:

> On Thu, Apr 08, 2004 at 04:20:30PM -0500, Andrew A. Raines wrote:
>> Have I configured something wrong?  It seems like there's no point
>> in offering the AuthLDAPBindDN directive if it's not going to be
>> used every time a new SRCH/BIND takes place.
>
> did it ever work as you described? not sure what the goal is?
> just to auth w/ldap?

Yes, the goal is to auth with LDAP.  No, it's never worked properly.

> i think that might be how AuthLDAPBindDN supposed to work, ie. if
> you always want to bind using a specific dn. i haven't searched
> the docs tho.

No, the purpose of AuthLDAPBindDN is to allow the SRCH operation in
a directory which prohibits it anonymously.

> maybe this config will help you?
>
> AuthName "REALM"
> AuthType Basic
> AuthLDAPURL ldaps://ldap.example.com/OU=Users,O=example,O=com?uid?one
> require user1 user2

That's essentially what I'm using now.

-- 
    aaraines@pobox.com (Andrew A. Raines)


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message