Clayton Hicklin wrote:
On Tue, Sep 16, 2008 at 3:37 PM, Eric Covener <[EMAIL PROTECTED]> wrote:
So, it looks like I need mod_setenvif, right? Could anybody write a
quick
directive that would look at REMOTE_USER to see if there is a backslash
("\"), and if there is, set the same variable to everything following
the
backslash? I think this would solve my problem. I would rather use
mod_authnz_ldap that mod_auth_sspi as it is included with Apache and is
well-supported.
The authentication/authorization modules don't read from the
REMOTE_USER environment variable.
--
Eric Covener
[EMAIL PROTECTED]
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Well, where are they getting their info? This is what I'm getting in the
error log:
[5028] auth_ldap authenticate: user WHQ_NT_DOMAIN\\ch017001 authentication
failed; URI /scpmanager/ [User not found][No Such Object]
Clearly domain\user is getting passed to the authn/authz modules from IE
somehow or another.
This is getting interesting. How indeed ?
Is there a way to trace the headers being sent back and forth during
this authentication phase, at the Apache level ? We're talking IE as a
browser here, so Firefox add-ons don't count.
If not, assuming that server has perl and mod_perl available, I could
put together a quick access handler that does that.
(as mentioned before, I have a stake in a solution too).
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
