httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jehan procaccia <jehan.procac...@it-sudparis.eu>
Subject Re: [users@httpd] mod_authnz_ldap AUTHENTICATE_* Env variables ?
Date Tue, 05 Feb 2008 11:26:25 GMT
Eric Covener wrote:
> On Jan 31, 2008 12:59 PM, Eric Covener <covener@gmail.com> wrote:
>   
>> On Jan 31, 2008 12:16 PM, jehan procaccia
>> <jehan.procaccia@it-sudparis.eu> wrote:
>>
>>     
>>> I do enter in mod_auth_cas for authn, then authz is supposed to be
>>> carried out from mod_authnz_ldap,
>>>       
>> Peaking at the source, it looks like mod_authnz_ldap only sets this
>> when it authenticates (checks the password) for a request, and not
>> when it does authorization (checks a Require)
>>
>>
>>     
>
> Which is vacuously true of mod_authn_dbd (emphasis on authn).  Looks
> like a doc bug or a feature request :/
>   
I confirm that I get the env variable when using pure mod_authzn_ldap 
config, exemple:

<Directory /var/www/html/jehan/cgi3/>
AuthType Basic
  AuthName "calaz"
  AuthBasicProvider "ldap"
AuthLDAPUrl 
"ldap://calaz.int-evry.fr/dc=int-evry,dc=fr?uid,mail,cn,eduPersonAffiliation"
  authzldapauthoritative Off
  require valid-user

ldap logs when connecting
Feb  5 12:12:38 localhost slapd[16931]: conn=3 op=1 SRCH attr=uid mail 
cn eduPersonAffiliation

 printenv.pl do show among others:
AUTHENTICATE_EDUPERSONAFFILIATION --> employee
AUTHENTICATE_MAIL --> test.test@int-edu.eu
AUTHENTICATE_CN --> test Test

But as soon as I cascade our mod_auth_cas SSO authn module , I loose 
these AUTHENTICATE_*  env variables :-( .

##AuthType Basic
##  AuthName "calaz"
 AuthType CAS
 AuthName "CAS SSO"
AuthLDAPUrl 
"ldap://calaz.int-evry.fr/dc=int-evry,dc=fr?uid,mail,cn,eduPersonAffiliation"
  authzldapauthoritative Off
  require valid-user

I do see the ldap request:
Feb  5 12:20:07 localhost slapd[16931]: conn=5 op=1 SRCH attr=uid mail 
cn eduPersonAffiliation

but attributes are not available in http env variable anymore .

Is there a way to get these variable AUTHENTICATE_* with an other authn 
module ?

Thanks.


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message