Also thank you for your suggestion on having multiple locations in the config, I'll give it a shot.Is it possible to have some sort of an accessfile to control the access for users?
On Mon, Dec 16, 2013 at 3:32 PM, Ramesh Nadupalli <nadupalliram...@gmail.com> wrote: > sorry if I haven't made my requirement clear, Here is what I am > looking for...I was trying to achieve the below functionality, > > http://myurl.com/sitea -> user1 > http://myurl.com/siteb -> user1 &user2. > http://myurl.com/sitec -> user3. > http://myurl.com/sited -> user1, user2 and user3. > > Using the require is allowing everyone in the LDAP, which we don't > want it. Hope its clear now? > > Thanks > Ramesh > > On Mon, Dec 16, 2013 at 2:32 PM, Otis Dewitt - NOAA Affiliate > <otis.dew...@noaa.gov> wrote: >> What do you mean? >> >> "Since our requirement is to control access based on a path." >> >> <Location /example1> >> AuthType basic >> AuthName "Example 1 use your LDAP login." >> AuthBasicProvider ldap >> AuthLDAPURL >> "ldaps://example-ldap.example.com:636/o=example.com?uid??(&(objectClass=inetOrgPerson)(groups=groupA))" >> AuthBasicProvider ldap >> Require user bob.stanton >> SetOutputFilter DEFLATE >> </Location> >> >> <Location /example2> >> AuthType basic >> AuthName "Example 2 use your LDAP login." >> AuthBasicProvider ldap >> AuthLDAPURL >> "ldaps://example-ldap.example.com:636/o=example.com?uid??(&(objectClass=inetOrgPerson)(groups=groupA))" >> AuthBasicProvider ldap >> Require user tom.scott >> SetOutputFilter DEFLATE >> </Location> >> >> This works perfect for me. >> >> Thanks, >> Otis >> >> >> On Sun, Dec 15, 2013 at 11:19 AM, Ramesh Nadupalli >> <nadupalliram...@gmail.com> wrote: >>> >>> I use Directory. This is how my config file look like.... >>> >>> <Directory /> >>> AuthType Basic >>> AuthName "Enter your ID" >>> AuthBasicProvider ldap >>> AuthBasicAuthoritative off >>> AuthLDAPUrl >>> ldap://url:389/dc=domain,dc=com?samAccountName?sub?(objectClass=*) >>> NONE >>> AuthLDAPBindDN "cn=xxx,ou=xxx,dc=domain,dc=com" >>> AuthLDAPBindPassword xxxxxxxxx >>> Require valid-user >>> </Directory> >>> >>> On Sun, Dec 15, 2013 at 9:12 PM, Eric Covener <cove...@gmail.com> wrote: >>> > On Sun, Dec 15, 2013 at 9:54 AM, Ramesh Nadupalli >>> > <nadupalliram...@gmail.com> wrote: >>> >> Thanks Eric for your response. I have tried below options, >>> >> >>> >> Require valid-user (when I pass valid-user, it authenticates >>> >> and allows everyone in the LDAP filter to access the webserver) >>> >> Require user usera userb userc (It allows only these users) >>> >> >>> >> Since our requirement is to control access based on a path, I am not >>> >> sure what else can be used to read an access file. >>> > >>> > Enclose the directives in <Location> or <Directory>? >>> > >>> > --------------------------------------------------------------------- >>> > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org >>> > For additional commands, e-mail: users-h...@httpd.apache.org >>> > >>> >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org >>> For additional commands, e-mail: users-h...@httpd.apache.org >>> >> --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
