Hello,
You might have to create containers for each user. e.g.: (Notice "require saqib" instead of "require valid-user"
<Directory /ftp/private/gael>
Options MultiViews Indexes
AuthType Basic
AuthName "Private Zone"
AuthLDAPUrl ldap://127.0.0.1:389/ou=users,ou=ftp,dc=test?uid?sub?
AuthLDAPBindDN uid=avaliduidtologin,dc=test
AuthLDAPBindPassword secret
require gael
<Limit GET POST>
Order Deny,Allow
Allow from All
</Limit>
</Directory>
<Directory /ftp/private/saqib>
Options MultiViews Indexes
AuthType Basic
AuthName "Private Zone"
AuthLDAPUrl ldap://127.0.0.1:389/ou=users,ou=ftp,dc=test?uid?sub?
AuthLDAPBindDN uid=avaliduidtologin,dc=test
AuthLDAPBindPassword secret
require saqib
<Limit GET POST>
Order Deny,Allow
Allow from All
</Limit>
</Directory>
... etc
Covalent < http://www.covalent.com > provides mod_ftp < http://www.covalent.net/webinar/mod_ftp-Webinar.ppt > which does exactly what you are trying to do. And they make administration extremely easy through the use of a GUI. Take a look at that as well.
Thanks.
Saqib Ali
http://www.xml-dev.com/blog/
"Gael Mauleon"
<[EMAIL PROTECTED]>
No Phone Info Available 07/11/2005 05:39 AM
|
|
Subject: LDAP Auth and Users Directory
From: Gael Mauleon <[EMAIL PROTECTED]>
Newsgroups: comp.infosystems.www.servers.unix
Hi,
I have a few problems with the way I can use the LDAP auhtentification.
I want my users to view their directory with a basic authentification via
LDAP, and I don't want to modify my config file with every users I add.
Here is what I used for the test ->
UserDir /ftp/private
<Directory /ftp/private/*>
Options MultiViews Indexes
AuthType Basic
AuthName "Private Zone"
AuthLDAPUrl ldap://127.0.0.1:389/ou=users,ou=ftp,dc=test?uid?sub?
AuthLDAPBindDN uid=avaliduidtologin,dc=test
AuthLDAPBindPassword secret
require valid-user
<Limit GET POST>
Order Deny,Allow
Allow from All
</Limit>
</Directory>
This is working quite well but unfortunatly with that, everyone can
authenticate into every directory, (bob can view with his login/pass the
directory of john).
So my question is :
Can I use some variable (contening requested directory for exemple) as a
filter to my ldap search or in the Allow directive so a user can log only
to his directory ??
Or perhaps (apart the .htaccess file), another solution exists ?
Thanks in advance.
Gael.