Eric Covener wrote:
On Thu, Jan 22, 2009 at 7:33 AM, Malka Cymbalista
<[email protected]> wrote:
We are running apache 2.2.6 on a Linux machine. We have enabledldap
authentication. I would like to allow users to authenticate to aparticular
directory either using a valid ldap userid from a list ofvalid userids or if
they are a member of a group that I have defined inan external file.
I put the following code into my httpd.conf file
<Directory /my/directory>
AuthType Basic
AuthName "Private Pages"
AuthBasicProvider ldap file
AuthGroupFile /WWW/httpd/conf/.htgroup
AuthUserFile /WWW/httpd/conf/.htpasswd
AuthLDAPRemoteUserAttribute cn
AuthLDAPURL "ldaps://a.server.com:111/o=Users?cn"
AuthLDAPBindDN cn=InternetAuthUser,o=system
AuthLDAPBindPassword xxxxx
AuthzLDAPAuthoritative Off
AuthLDAPRemoteUserIsDN On
Require group scientists
Require user user1 abuser
This did not work. The only way that I was able to allow theusers user1 and
abuser to get in to the directory was by creating agroup for the and adding
that group to the require group line anddeleting the Require user line.
Is there a way to authenticate either via a user or via a group?
You'll need to clarify the details, and show when/how it's failing,
but there's no reason why your authorization shouldn't be able to do
group OR user.
Should there not just be a "Satisfy any" there ?
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [email protected]
" from the digest: [email protected]
For additional commands, e-mail: [email protected]
