At 03:29 PM 3/22/2005, Paul Querna wrote: >Rici Lake wrote: >>The referenced commit added two OR_ALL directives to util_ldap: >> LDAPTrustedClientCert >> LDAPTrustedMode > >I am going to change these to RSRC_CONF right now. It is just completely >broken to attempt to use the OR_ALL context.
Nope, the correct context would have been OR_AUTHCFG. Now, as far as if we can/should allow these in htaccess is another question. OR_ALL would have introduced a security hole.
