https://bz.apache.org/bugzilla/show_bug.cgi?id=66398
Bug ID: 66398
Summary: AUTHORIZE_ variables not set when Require valid-user
not included in <Require*/>
Product: Apache httpd-2
Version: 2.4.54
Hardware: PC
Status: NEW
Severity: normal
Priority: P2
Component: mod_authnz_ldap
Assignee: bugs@httpd.apache.org
Reporter: piotr.ko...@gmail.com
Target Milestone: ---
With:
<AuthzProviderAlias ldap-group ldap1 "...">
AuthLDAPURL "ldap://...?sAMAccountName,displayName,mail?sub?(objectClass=*)"
...
</AuthzProviderAlias>
and:
a)
Require valid-user
<RequireAny>
Require group ldap1
</RequireAny>
or:
b)
<RequireAll>
Require valid-user
<RequireAny>
Require group ldap1
</RequireAny>
</RequireAll>
Apache HTTPD 2.4.54 properly validates if user is valid AND validates if user
is member of ldap1. Both a) and b) rules work as expected.
Problem: mod_authnz_ldap sets AUHTHORIZE_ variables (AUTHORIZE_DISPLAYNAME,
AUTHORIZE_MAIL) only for b),
i.e. mod_authnz_ldap does not set AUHTHORIZE_ variables for the a) case.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org
