httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eric Covener <cove...@gmail.com>
Subject Re: [users@httpd] Authenticating Apache against multiple groups in LDAP
Date Fri, 07 May 2010 20:04:20 GMT
On Fri, May 7, 2010 at 4:00 PM, Rodrigo Montenegro
<montenegro.r@gmail.com> wrote:
> Hey Guys!
>
> I have the following scenario. I want to authenticate and authorize users in
> a Apache server against an LDAP server.
> The things is that there is so a need to make this authorization checking up
> if the user is in one of many groups.
> The question is: is that possible? If it is, how can I make it happen?
>
> I have sucess on doing this authorization against one single group, but not
> search in many.
>
> <Location /somepath>
>
> AuthType Basic
> AuthName "Secret path"
> AuthBasicProvider ldap
> AuthLDAPUrl ldap://ldapserver/ou=organization,ou=org
> AuthzLDAPAuthoritative on
> AuthLDAPBindDN "uid=serviceuser,ou=services,ou=corp,ou=organization,ou=org"
> AuthLDAPBindPassword "servicepwd"
>
> AuthLDAPGroupAttribute uniqueMember
> AuthLDAPGroupAttributeIsDN on
>
> require ldap-group cn=group1,ou=Groups,ou=corp,ou=organization,ou=org
>
> </Location>
>
> In group1 there is a list in uniqueMember attribute containing all the DN
> users.

Just repeat the require for each group. Membership in any group lets them in.


-- 
Eric Covener
covener@gmail.com

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message