httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark jensen <ngiw2...@hotmail.com>
Subject [users@httpd] After authentication, How to authorize users according to IP (or host)?
Date Tue, 22 Jul 2014 14:38:35 GMT
According to this page: http://httpd.apache.org/docs/current/mod/mod_authz_host.html , we can
authorize the users  after Authentication, Is this true?

My problem is I'm trying to authenticate all my users (using LDAP) except some IPs, it have
worked will:

<Directory /var/www/html/ldap>
      Order allow,deny
      Allow from 192.168.1.2 192.168.1.7
      Satisfy any
      AuthName "LDAP Authentication"
      AuthType Basic

      AuthBasicProvider ldap
      AuthzLDAPauthoritative off
      AuthLDAPURL ldap://192.168.1.3/dc=hiast,dc=com?uid?sub?(objectClass=*)
      Require host
</Directory>

but when I add this line "Require ip 192.168.1.2"

<Directory /var/www/html/ldap>
      Order allow,deny
      Allow from 192.168.1.2 192.168.1.7
      Satisfy any
      AuthName "LDAP Authentication"
      AuthType Basic
      Require ip 192.168.1.2
      AuthBasicProvider ldap
      AuthzLDAPauthoritative off
      AuthLDAPURL ldap://192.168.1.3/dc=hiast,dc=com?uid?sub?(objectClass=*)
      Require valid-user
</Directory>


apache let 192.168.1.2 && 192.168.1.7 to enter the directory, so where is the authorization?
How can I make this directory available only for 192.168.1.2 and not to 192.168.1.7?
 		 	   		  
Mime
View raw message