httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andreatta S├ębastien <sebastien.andrea...@gmail.com>
Subject [users@httpd] Apache 2.4 , AuthzProviderAlias doesn't work with SSL Virtualhost
Date Tue, 19 Aug 2014 11:10:17 GMT
Hi,

I write you today because i'm just upgrade from Centos 6.5 ( httpd 2.2 ) 
to Centos 7 ( httpd 2.4.6 ) .
Now, I try to use AuthzProviderAlias and I finally successfully make it 
work with http.

Here's my config ( /etc/httpd/conf.d/ldap.conf )

<AuthnProviderAlias ldap zzzldap>
     AuthLDAPBindDN cn=Manager,dc=Domain,dc=be
     AuthLDAPBindPassword xxx
     AuthLDAPURL ldap://localhost/ou=Users,o=Domain,dc=Domain,dc=be?uid??
</AuthnProviderAlias>

<AuthzProviderAlias ldap-group test 
cn=Warez,ou=Groups,o=Domain,dc=Domain,dc=be>
     AuthLDAPBindDN cn=Manager,dc=Domain,dc=be
     AuthLDAPBindPassword xxx
     AuthLDAPURL ldap://localhost/ou=Users,o=Domain,dc=Domain,dc=be?uid??
     AuthLDAPGroupAttribute member
     AuthLDAPGroupAttributeIsDN on
     Require ldap-group cn=Warez,ou=Groups,o=Domain,dc=Domain,dc=be
</AuthzProviderAlias>

I have a alias ( /etc/httpd/conf.d/phpsysinfo.conf ) :

Alias /phpsysinfo /var/www/phpsysinfo/

<Directory /var/www/phpsysinfo>
     AuthType Basic
     AuthName "Private access"
     AuthBasicProvider zzzldap

     Require ldap-group-warez
</Directory>

And that work !

But this configuration at the end of ssl virtualhost don't :

<Location /transmission>i
         AuthType Basic
         AuthName "Private access"
         AuthBasicProvider zzzldap

         Require ldap-group-warez
     </Location>

I get this :

[Tue Aug 19 12:44:02.948451 2014] [authz_core:debug] [pid 21410] 
mod_authz_core.c(802): [client 109.133.130.18:52734] AH01626: 
authorization result of Require ldap-group-warez : denied
[Tue Aug 19 12:44:02.948454 2014] [authz_core:debug] [pid 21410] 
mod_authz_core.c(802): [client 109.133.130.18:52734] AH01626: 
authorization result of <RequireAny>: denied
[Tue Aug 19 12:44:20.230719 2014] [authz_core:error] [pid 21409] [client 
109.133.130.18:50217] AH02305: no alias provider found for 
'ldap-group-warez' (BUG?)

If y try with "Require valid-user" i get this :

)
[Tue Aug 19 12:56:15.999373 2014] [authz_core:debug] [pid 22530] 
mod_authz_core.c(802): [client 109.133.130.18:59404] AH01626: 
authorization result of Require valid-user : denied (no authenticated 
user yet)
[Tue Aug 19 12:56:15.999376 2014] [authz_core:debug] [pid 22530] 
mod_authz_core.c(802): [client 109.133.130.18:59404] AH01626: 
authorization result of <RequireAny>: denied (no authenticated user yet)
[Tue Aug 19 12:56:15.999383 2014] [auth_basic:error] [pid 22530] [client 
109.133.130.18:59404] AH01618: user Crupuk not found: /transmission/


Could you tell me what i'm doing wrong ?

Thanks for your help



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message