httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Saqib.N....@seagate.com
Subject Re: [users@httpd] Apache, LDAP AUTH and directory access
Date Mon, 11 Jul 2005 13:53:09 GMT
Hello,

You might have to create containers for each user. e.g.: (Notice "require 
saqib" instead of "require valid-user" 

<Directory /ftp/private/gael>
    Options MultiViews Indexes
    AuthType Basic
    AuthName "Private Zone"
    AuthLDAPUrl ldap://127.0.0.1:389/ou=users,ou=ftp,dc=test?uid?sub?
    AuthLDAPBindDN uid=avaliduidtologin,dc=test
    AuthLDAPBindPassword secret
    require gael
    <Limit GET POST>
            Order Deny,Allow
            Allow from All
    </Limit>
</Directory>

<Directory /ftp/private/saqib>
    Options MultiViews Indexes
    AuthType Basic
    AuthName "Private Zone"
    AuthLDAPUrl ldap://127.0.0.1:389/ou=users,ou=ftp,dc=test?uid?sub?
    AuthLDAPBindDN uid=avaliduidtologin,dc=test
    AuthLDAPBindPassword secret
    require saqib
    <Limit GET POST>
            Order Deny,Allow
            Allow from All
    </Limit>
</Directory>
... etc

Covalent < http://www.covalent.com >  provides mod_ftp < 
http://www.covalent.net/webinar/mod_ftp-Webinar.ppt > which does exactly 
what you are trying to do. And they make administration extremely easy 
through the use of a GUI. Take a look at that as well.

Thanks.
Saqib Ali
http://www.xml-dev.com/blog/



"Gael Mauleon" <admin@premiere-heure.fr> 
No Phone Info Available
07/11/2005 05:39 AM
Please respond to
users@httpd.apache.org


To
<users@httpd.apache.org>
cc

Subject
[users@httpd] Apache, LDAP AUTH and directory access






Subject: LDAP Auth and Users Directory
From: Gael Mauleon <spamquipy@yahoo.fr>
Newsgroups: comp.infosystems.www.servers.unix
 
Hi,
 
I have a few problems with the way I can use the LDAP auhtentification.
 
I want my users to view their directory with a basic authentification via 
LDAP, and I don't want to modify my config file with every users I add.
 
Here is what I used for the test ->
 
 
UserDir /ftp/private
<Directory /ftp/private/*>
    Options MultiViews Indexes
    AuthType Basic
    AuthName "Private Zone"
    AuthLDAPUrl ldap://127.0.0.1:389/ou=users,ou=ftp,dc=test?uid?sub?
    AuthLDAPBindDN uid=avaliduidtologin,dc=test
    AuthLDAPBindPassword secret
    require valid-user
    <Limit GET POST>
            Order Deny,Allow
            Allow from All
    </Limit>
</Directory>
 
 
This is working quite well but unfortunatly with that, everyone can 
authenticate into every directory, (bob can view with his login/pass the 
directory of john).
 
So my question is : 
 
Can I use some variable (contening requested directory for exemple) as a 
filter to my ldap search or in the Allow directive so a user can log only 
to his directory ??
 
Or perhaps (apart the .htaccess file), another solution exists ?
 
 
Thanks in advance.
Gael.
 
 
 

Mime
View raw message