On 8/29/07, Brad Nicholes <[EMAIL PROTECTED]> wrote: > The only real reason why you have to set LDAP to > non-authoritative when using LDAP authn only, is because LDAP > had to combine both authn and authz into the same module. This > is not a good practice in general, but in the case of LDAP there > was so much code and data overlap between authn_ldap and > authz_ldap, that splitting them apart was a problem.
To clarify; I understand not duplicating valid-user, but the other authz modules know to decline when they haven't seen a single requirement they grok, which allows mod_authz_user to authorize the request in the case of "Require valid-user". I don't think the coupling is a factor there. -- Eric Covener [EMAIL PROTECTED]
