>>> On 5/3/2006 at 11:39 AM, in message <[EMAIL PROTECTED]>, Vincent Deffontaines <[EMAIL PROTECTED]> wrote: > Greetings, > > The title of this email is an abuse. There is no real regression. > Now : > > #On 2.0 : this works > AuthType Basic > AuthName "foo" > AuthLDAPURL ldap://localhost/ou=Users,dc=web,dc=net > AuthLDAPAuthoritative on > require valid-user > > #On 2.2, this doesn't. According to slapd, bind fails as if binding with > a wrong password. > AuthType Basic > AuthBasicProvider ldap > AuthName "foo" > AuthzLDAPAuthoritative on > AuthLDAPURL ldap://localhost/ou=Users,dc=web,dc=net > require valid-user > > As Nick Kew pointed out on IRC, using "AuthzLDAPAuthoritative" is a > nonsense in this context, since "require valid-user" means no further > authorization should be performed. > > This, however, makes it pretty counter-intuitive (at least, to me), > especially in a 2.0->2.2 migration context. > Since raising a warning at config parsing time is not a task easily > feasable, I'd suggest adding a note about this in the 2.2 documentation. > > > Regards, > > Vincent Deffontaines > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED]
It's already there. Check out http://httpd.apache.org/docs/2.2/mod/mod_authnz_ldap.html#reqvaliduser Brad --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
