mod_authnz_ldap in 2.2.x doesn't track whether or not it has seen any applicable 'Require ldap-*' entries in the requires list, and also doesn't explicitly accept valid-user (despite a commnt)
Other authz modules check that their flavor of Require was present where they check if they're configured to be authoritative. At the simplest level, this allows the authz modules to DECLINE and let authz_user authorize based on "Require valid-user" To do authn-only where LDAP is used as the basic provider, (or otherwise configured in that context) you have to make LDAP non-authoritative or come up with some LDAP filter or attribute that is always true. Is this something were stuck with in a stable release? The trunk authz provider API makes this relevant only to 2.2.x. -- Eric Covener [EMAIL PROTECTED]
