Thanks, Eric! You saved my life! ____________________________________________ Rodrigo Montenegro de Oliveira
On Fri, May 7, 2010 at 17:04, Eric Covener <[email protected]> wrote: > On Fri, May 7, 2010 at 4:00 PM, Rodrigo Montenegro > <[email protected]> wrote: > > Hey Guys! > > > > I have the following scenario. I want to authenticate and authorize users > in > > a Apache server against an LDAP server. > > The things is that there is so a need to make this authorization checking > up > > if the user is in one of many groups. > > The question is: is that possible? If it is, how can I make it happen? > > > > I have sucess on doing this authorization against one single group, but > not > > search in many. > > > > <Location /somepath> > > > > AuthType Basic > > AuthName "Secret path" > > AuthBasicProvider ldap > > AuthLDAPUrl ldap://ldapserver/ou=organization,ou=org > > AuthzLDAPAuthoritative on > > AuthLDAPBindDN > "uid=serviceuser,ou=services,ou=corp,ou=organization,ou=org" > > AuthLDAPBindPassword "servicepwd" > > > > AuthLDAPGroupAttribute uniqueMember > > AuthLDAPGroupAttributeIsDN on > > > > require ldap-group cn=group1,ou=Groups,ou=corp,ou=organization,ou=org > > > > </Location> > > > > In group1 there is a list in uniqueMember attribute containing all the DN > > users. > > Just repeat the require for each group. Membership in any group lets them > in. > > > -- > Eric Covener > [email protected] > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP Server Project. > See <URL:http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: [email protected] > " from the digest: [email protected] > For additional commands, e-mail: [email protected] > >
