subject:"svn commit\: r705361 \- in \/httpd\/httpd\/trunk\/modules\/aaa\: mod_authz_dbd.c mod_authz_dbm.c mod_authz_groupfile.c mod_authz_owner.c mod_authz_user.c"

Re: svn commit: r705361 - in /httpd/httpd/trunk/modules/aaa: mod_authz_dbd.c mod_authz_dbm.c mod_authz_groupfile.c mod_authz_owner.c mod_authz_user.c

2008-10-17 Thread Chris Darroch

Eric Covener wrote: Authorization in LDAP has a special path for when authentication wasn't handled by mod_authnz_ldap, but r-user still may be mappable to an DN on the LDAP server. Net, it can't do anything useful without r-user. This short-circuit should be possible well before the

Re: svn commit: r705361 - in /httpd/httpd/trunk/modules/aaa: mod_authz_dbd.c mod_authz_dbm.c mod_authz_groupfile.c mod_authz_owner.c mod_authz_user.c

2008-10-16 Thread Eric Covener

On Thu, Oct 16, 2008 at 5:09 PM, [EMAIL PROTECTED] wrote: NOTE: I can't test mod_authnz_ldap.c myself, so I'm not sure if it needs similar fixes. On the one hand, a NULL r-user in the authz handlers always generates a log message. However, it appears that authn_ldap_build_filter() will