httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ramesh Nadupalli <nadupalliram...@gmail.com>
Subject Re: [users@httpd] Access controls
Date Mon, 16 Dec 2013 10:02:43 GMT
sorry if I haven't made my requirement clear, Here is what I am
looking for...I was trying to achieve the below functionality,

http://myurl.com/sitea -> user1
http://myurl.com/siteb -> user1 &user2.
http://myurl.com/sitec -> user3.
http://myurl.com/sited -> user1, user2 and user3.

Using the require is allowing everyone in the LDAP, which we don't
want it. Hope its clear now?

Thanks
Ramesh

On Mon, Dec 16, 2013 at 2:32 PM, Otis Dewitt - NOAA Affiliate
<otis.dewitt@noaa.gov> wrote:
> What do you mean?
>
> "Since our requirement is to control access based on a path."
>
> <Location /example1>
>         AuthType basic
>         AuthName "Example 1 use your LDAP login."
>         AuthBasicProvider ldap
>         AuthLDAPURL
> "ldaps://example-ldap.example.com:636/o=example.com?uid??(&(objectClass=inetOrgPerson)(groups=groupA))"
>         AuthBasicProvider ldap
>                 Require user bob.stanton
>         SetOutputFilter DEFLATE
> </Location>
>
> <Location /example2>
>         AuthType basic
>         AuthName "Example 2 use your LDAP login."
>         AuthBasicProvider ldap
>         AuthLDAPURL
> "ldaps://example-ldap.example.com:636/o=example.com?uid??(&(objectClass=inetOrgPerson)(groups=groupA))"
>         AuthBasicProvider ldap
>             Require user tom.scott
>         SetOutputFilter DEFLATE
> </Location>
>
> This works perfect for me.
>
> Thanks,
> Otis
>
>
> On Sun, Dec 15, 2013 at 11:19 AM, Ramesh Nadupalli
> <nadupalliramesh@gmail.com> wrote:
>>
>> I use Directory. This is how my config file look like....
>>
>> <Directory />
>>         AuthType Basic
>>         AuthName "Enter your ID"
>>         AuthBasicProvider ldap
>>         AuthBasicAuthoritative off
>>         AuthLDAPUrl
>> ldap://url:389/dc=domain,dc=com?samAccountName?sub?(objectClass=*)
>> NONE
>>         AuthLDAPBindDN "cn=xxx,ou=xxx,dc=domain,dc=com"
>>         AuthLDAPBindPassword xxxxxxxxx
>>         Require valid-user
>> </Directory>
>>
>> On Sun, Dec 15, 2013 at 9:12 PM, Eric Covener <covener@gmail.com> wrote:
>> > On Sun, Dec 15, 2013 at 9:54 AM, Ramesh Nadupalli
>> > <nadupalliramesh@gmail.com> wrote:
>> >> Thanks Eric for your response. I have tried below options,
>> >>
>> >>         Require valid-user (when I pass valid-user, it authenticates
>> >> and allows everyone in the LDAP filter to access the webserver)
>> >>         Require user usera userb userc (It allows only these users)
>> >>
>> >> Since our requirement is to control access based on a path, I am not
>> >> sure what else can be used to read an access file.
>> >
>> > Enclose the directives in  <Location> or <Directory>?
>> >
>> > ---------------------------------------------------------------------
>> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> > For additional commands, e-mail: users-help@httpd.apache.org
>> >
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message