httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeff Shearer <j...@shearer-family.org>
Subject Re: [users@httpd] apache 2.2 and ldap group authentication
Date Tue, 02 Jun 2009 18:47:24 GMT
I have done what you suggested and was able to get what I thought Apache 
needed but that didn't seem to work once put into Apache.

I do think you are right, this is the wrong group to ask.

Peter Schober wrote:
> * Jeff Shearer <jeff@shearer-family.org> [2009-06-02 16:32]:
>> Over the last 3 days I have played with a number of configurations and 
>> executed numerous varieties of searchs.  But to no good.  If you look 
>> down to the caption "My Best Result,"  It seems OpenLDAP has made it to 
>> the point where it is searching the 2 cn(s).  But the filter error 
>> prevents it from finding the uniqueMember.  If you search for 
>> "bdb_search: 11 does not match filter" and move up 5 or six lines you 
>> will see what makes me believe this.
> 
> What's wrong with slapd's default loglevel of 256? Useless noise
> you're posting here, IMO. Logging ACLs is especially nonsensical when
> binding with the rootdn, as the rootdn is not subject to ACLs, as I
> explained in my other email. The default loglevel shows the filter and
> scope used, the number of entries being returned, as well as any error
> codes.
> But I don't see a need to post slapd logs here in the first place.
> If you don't understand them, this is the wrong list. If you do know
> what they mean, you probably have the necessary info to correct your
> AuthLDAPurl directive.
> 
> Maybe try constructing the necessary parts of the LDAPurl with the
> ldapsearch command line client first. One you get that working (which
> means you must understand all the parts: search base, scope, filter,
> attributes requested, etc.) put them together to a complete LDAPurl
> (per the RFC and possiby httpd docs).
> 
> -peter
> 
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
> 
> 

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message