httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marc Patermann <hans.mo...@ofd-sth.niedersachsen.de>
Subject Re: [users@httpd] Filter by group attribute using mod authnz_ldap
Date Fri, 02 Oct 2009 12:46:54 GMT
Hi,

Mxrgus Pxrt schrieb:

> Would it be possible to filter users not only by user attributes or 
> groups but also by attributes of group using authnz_ldap?
> 
> Example:
> 
> Users:
> cn: First Last, ou: people, dc: lol
> cn: Second Last, ou: pople, dc: lol
> 
> Groups:
> cn: lord, ou: group, dc: lol
>  member: First Last
>  attribute111: yes
> 
> Now, if attribute111 is yes, auth succeeds.
> 
> 
> If not, what would be your recommendation, how to solve this task?
Hm, if there was any group-filter setting ...
But you have to _name_ the ldap-group anyone, don't you? So just name 
LDAP groups here which have the attribute. :)

If you use AuthLDAPBindDN for searching ldap by apache, you could "hide" 
other groups than these with the attribute by ACL on the ldap server.



Marc

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message