Sorry if this belongs in the users group, it's a query, but a query about the working of the code.
I've filed a bug (32426) but am trying to fix it myself.
What I've found is that if user_is_dn is set (AuthLDAPRemoteUserIsDN in an .htaccess file) then
mod_auth_ldap sets r->user to be the users dn, not the user uid authenticated as.
util_script.c uses this value to set REMOTE_USER (Good, all is well :) but..
mod_auth.c users this value to check the require(d) user and of course fails as the list of users
is a list of uid's
mod_auth_ldap has it's own require ( user | group | valid-user) checks. These are used for require group
successfully but not require user.
Is there a way to get information such as req->user or user_is_dn back into mod_auth? I'm guessing not
easily & you don't really want to mess with mod_auth. Or get mod_auth to use mod_auth_ldaps' auth_checker
for require user as is does for require group which I think is the correct solution.
Hoping someone familiar with the code can save me some time.
Cheers, Duncan
