Sorry, guys, another questions on webauthldap. This may have been asked before, but please bear with me as I didn't find an answer in the mailing list archive.
What is the difference between <Location /webapp/> AuthType WebAuth Require valid-user Require privgroup stanford:staff Require privgroup stanford:faculty </Location> and <Location /webapp/> AuthType WebAuth Require valid-user WebAuthLdapPrivgroup stanford:staff WebAuthLdapPrivgroup stanford:faculty </Location> The doc on WebAuthLdapPrivgroup says: The user's membership will be tested in the authorization group specified with this directive. If the user is a member of the group, the name of the group is placed in the environment variable WEBAUTH_LDAPPRIVGROUP. Besides this, does the two provide the same protection on the location? Are there any other differences between the two? Thanks in advance for all the help.
