I cannot seem to further restrict access within an authenticated
realm using LDAP. I can successfully limit access to a directory tree using the following...

    <Directory "/home/abc/public_html/mywiki">

But I want to further restrict access to a subdirectory below
this.

    Order Allow,Deny
    Allow from all
    AllowOverride All
    AuthType Basic
    AuthBasicProvider ldap
    AuthzLDAPAuthoritative off
    AuthName "Please enter your standard EMAIL address and Password"
    AuthLDAPURL ldaps://ldap.myco.com/o=myco.com?uid
    Require ldap-group cn=mygroup,ou=Groups,o=myco.com
    SSLRequireSSL
    </Directory>

The above <Directory> directive (both are in the config file) seems to be ineffective. Yet from the documentation the longest directory should be the final directive applied.

I have also tried using the <DirectoryMatch> and <LocationMatch> directives for the "secrets" subdirectory. Both these also fail to enforce the ldap group requirement.

I have also verified the ldap group lookup works: when I require this in the top level directory then folks not in that group do get rejected.

There is an .htaccess file, but I think it is not a problem...

    order allow,deny

Any ideas as to what I'm doing wrong would be most appreciated.

version: httpd-2.2.3-22.el5
os: Red Hat Enterprise Linux Server release 5.3

Thanks in advance

Jon B