Eric Covener wrote:
Authorization in LDAP has a special path for when authentication wasn't handled by mod_authnz_ldap, but r->user still may be mappable to an DN on the LDAP server. Net, it can't do anything useful without r->user. This short-circuit should be possible well before the problematic functions you mention.
OK, I'll look at adding the same !r->user test, unless others think it's unnecessary. It looks like it might be necessary to me, but I'm not 100% sure. Chris. -- GPG Key ID: 366A375B GPG Key Fingerprint: 485E 5041 17E1 E2BB C263 E4DE C8E3 FA36 366A 375B