httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dmitri Colebatch" <...@colebatch.com>
Subject [users@httpd] authentication - one of several groups
Date Fri, 20 Jul 2007 02:19:03 GMT
Hi all,

This is a problem thats been irking me for a while and I'm hopeful
that some other users might be able to shed some light on the issue.
We use LDAP authentication and would like to allow access to a
location if a user is in one of a number of groups.  From reading
http://httpd.apache.org/docs/2.0/mod/core.html#require I had hoped
that something like this might work:

  <Location /foo>
    AuthType Basic
    AuthName "LDAP Authentication"
    AuthLDAPUrl ....
    AuthLDAPBindDN ...
    AuthLDAPBindPassword ...
    require group cn=tjunction.development_team,o=groups
cn=tjunction.papis.product.viewer,ou=internal,o=groups
  </Location>

But that refuses to authorize me.  Note that if I have either one of
those groups I am authenticated successfully.  I had thought perhaps
that the multiple groups meant that you had be in _all_ groups rather
than _either_ group, but this behaviour disproves that theory.

To me, it appears that this simply doesn't work as documented.  Can
someone see anything I'm doing wrong?  Anyone else have to deal with
this requirement?

cheers,
dim

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message