I suggest a 600 perms sub-conf file you 'Include' in the main httpd.conf,
illegible to the non-root user. Or use starttls/ssl and add this client's
ldap cert to your servers ldap CA chain, protecting the key 600 as you
would always do. Same difference.
Erik Froese wrote:
I'm trying to move fr
I'm trying to move from apache 2.0 to 2.2 and would like to use the supplied *ldap modulesthat are built into apache. I'd like to authenticate against our LDAP but we don't alow anonymousbinds and I'd rather not store an LDAP user's name and pw in an apache conf file to get LDAP
authentication work
