I think "Allow from all" takes precedence, bypassing any other (CAS etc.) directives. I'd suggest reviewing Apache httpd docs on Order, Allow and require.
Tom. > This is what's in the ssl.conf: > <Directory "/var/www/html"> > Order allow,deny > Allow from all > AuthType CAS > AuthName "TEST CAS AUTH" > AuthLDAPURL > ldaps://ldap.example.com:636/ou=People,dc=example,dc=com?uid?one? > require ldap-user xxxxx > </Directory> -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
